Accepted open-vm-tools 2:11.2.5-2+deb11u2 (source amd64) into oldstable-proposed-updates

Tue, 12 Sep 2023 11:47:54 -0700 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 06 Sep 2023 20:17:28 +0200
Source: open-vm-tools
Binary: open-vm-tools open-vm-tools-dbgsym open-vm-tools-desktop 
open-vm-tools-desktop-dbgsym open-vm-tools-dev open-vm-tools-sdmp 
open-vm-tools-sdmp-dbgsym
Architecture: source amd64
Version: 2:11.2.5-2+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Bernd Zeimetz <b...@debian.org>
Changed-By: Bernd Zeimetz <b...@debian.org>
Description:
 open-vm-tools - Open VMware Tools for virtual machines hosted on VMware (CLI)
 open-vm-tools-desktop - Open VMware Tools for virtual machines hosted on 
VMware (GUI)
 open-vm-tools-dev - Open VMware Tools for virtual machines hosted on VMware 
(developm
 open-vm-tools-sdmp - Open VMware Tools for VMs hosted on VMware (Service 
Discovery Plu
Closes: 1050970
Changes:
 open-vm-tools (2:11.2.5-2+deb11u2) bullseye-security; urgency=high
 .
   * [29e736e] Fixing CVE-2023-20867, CVE-2023-20900
     - Authentication Bypass vulnerability in VMware Tools (CVE-2023-20867)
       A fully compromised ESXi host can force VMware Tools to fail to
       authenticate host-to-guest operations, impacting the confidentiality
       and integrity of the guest virtual machine.
     - SAML token signature bypass vulnerability (CVE-2023-20900)
       A malicious actor with man-in-the-middle (MITM) network positioning
       between vCenter server and the virtual machine may be able to bypass
       SAML token signature verification, to perform VMware Tools Guest
       Operations. (Closes: #1050970)
Checksums-Sha1:
 00b48931dc1db0f8219b59b3cacda160df049884 2521 
open-vm-tools_11.2.5-2+deb11u2.dsc
 11860715e4fef9615e93afa33e2fe9daa005a6b7 33852 
open-vm-tools_11.2.5-2+deb11u2.debian.tar.xz
 89781142cdfeb9445067af478e0dd35c8eb77863 1972124 
open-vm-tools-dbgsym_11.2.5-2+deb11u2_amd64.deb
 c57d1c1dab71ca059b261bc27fca18d0d0242648 1364760 
open-vm-tools-desktop-dbgsym_11.2.5-2+deb11u2_amd64.deb
 4da8ba85a8120f70bb261412e647a515f65d1315 166236 
open-vm-tools-desktop_11.2.5-2+deb11u2_amd64.deb
 7f51217a64a057d701c4b83ea316b7c4262d81f7 501424 
open-vm-tools-dev_11.2.5-2+deb11u2_amd64.deb
 2ed6fbace829e2feb33a4a7c635e40b39d923b22 19308 
open-vm-tools-sdmp-dbgsym_11.2.5-2+deb11u2_amd64.deb
 9030d895ce7c2dabfca1e805179d3f1b3ac5d17f 39552 
open-vm-tools-sdmp_11.2.5-2+deb11u2_amd64.deb
 7e76861254f55f44b9ca862efb58df6e6dde9d58 18376 
open-vm-tools_11.2.5-2+deb11u2_amd64.buildinfo
 610c7094e69bccdb14068810ace45d2ce3bb8f64 630288 
open-vm-tools_11.2.5-2+deb11u2_amd64.deb
Checksums-Sha256:
 847f40d93ae1dd429d63cce59871abb943ffdb794a37be92903555be7baf17db 2521 
open-vm-tools_11.2.5-2+deb11u2.dsc
 9205b77562eb24c482dc64f315c65867724a55b5e8677923c3cdfcfc27acd526 33852 
open-vm-tools_11.2.5-2+deb11u2.debian.tar.xz
 699f9dbd0d0d6f596552d162df38e5fe49409790a1e30ce948dd01eacd94cd7e 1972124 
open-vm-tools-dbgsym_11.2.5-2+deb11u2_amd64.deb
 ec1e555fa0aa12663655099f976acc968256fd94e00d72a127c9dd4d771c19b9 1364760 
open-vm-tools-desktop-dbgsym_11.2.5-2+deb11u2_amd64.deb
 68ac335b77cd03aa86ab9285d482f9639dcf08f59d6ef88f5aba86dadb5c30fd 166236 
open-vm-tools-desktop_11.2.5-2+deb11u2_amd64.deb
 63d656420e28c6b3825ef3b348e55a2d2834a92ab827db9033383486a07502f3 501424 
open-vm-tools-dev_11.2.5-2+deb11u2_amd64.deb
 7d24b0e3775bb4a15a4c727e8027d3222abd45e77f3eaa61ffb7808266a040cf 19308 
open-vm-tools-sdmp-dbgsym_11.2.5-2+deb11u2_amd64.deb
 834f2f09b08df6a239c30a92c31bd72effa0a366f5bff115b7e9bb811c7a0f18 39552 
open-vm-tools-sdmp_11.2.5-2+deb11u2_amd64.deb
 164604369757251be8ce9f6db3e8c351176518b1f33baf204c2e2b4abba86866 18376 
open-vm-tools_11.2.5-2+deb11u2_amd64.buildinfo
 bd0b0140d135e5d6d56a4d2b841444adeace924bd04916091c5f8133da903c97 630288 
open-vm-tools_11.2.5-2+deb11u2_amd64.deb
Files:
 7cfb7e02a83e46628e84060fc5266b61 2521 admin optional 
open-vm-tools_11.2.5-2+deb11u2.dsc
 183108c0d74a742c62be1eac0ee86f10 33852 admin optional 
open-vm-tools_11.2.5-2+deb11u2.debian.tar.xz
 0acb3c2c0a4da7d3789051cb4a07c3f0 1972124 debug optional 
open-vm-tools-dbgsym_11.2.5-2+deb11u2_amd64.deb
 c184815933f3e295e39854d144494f29 1364760 debug optional 
open-vm-tools-desktop-dbgsym_11.2.5-2+deb11u2_amd64.deb
 560ce28cddcfbbdcdd3686889a3d15e8 166236 admin optional 
open-vm-tools-desktop_11.2.5-2+deb11u2_amd64.deb
 7df2070581cc8a59a008d35eb4087e3c 501424 devel optional 
open-vm-tools-dev_11.2.5-2+deb11u2_amd64.deb
 cf1f77eed4847ab15083939ff46f6e6d 19308 debug optional 
open-vm-tools-sdmp-dbgsym_11.2.5-2+deb11u2_amd64.deb
 b43a439ebe2bb50fbe81e00db551a460 39552 admin optional 
open-vm-tools-sdmp_11.2.5-2+deb11u2_amd64.deb
 a368906fd7397646ce14c124bd811386 18376 admin optional 
open-vm-tools_11.2.5-2+deb11u2_amd64.buildinfo
 a95f48e60a72ef13834a86b151fd2042 630288 admin optional 
open-vm-tools_11.2.5-2+deb11u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEE7KHj8o4RJDLUhd2V6zYXGm/5Q18FAmT592EQHGJ6ZWRAZGVi
aWFuLm9yZwAKCRDrNhcab/lDX84gEAC7eRYy1A146yObhZN1MBmyv14VbOQFp3fT
3up3PzhvCV4AhVaSToxhi7RDffuUITkCJ/zZvEoOUlDSiwf4rj4h/JFAdqUSrYdU
1GSnDFk6EG70HYo2U1R5ao4coBQm4XGLVwhWhnXqZ4X5MO7s2JbkEMBvPKWVMTxQ
GsIrzXMX+P4FAqHAksJ6vB45UCfNyNVATA8ZzyOSHZkkjri2EmLxzvJPZ1O4nQmf
K3Pi89m1R04a5z+e12+y1KP07iBVQKzI30p9LnGcOlg5V6WL81+EULLFqCX7s7pL
5YJ94OTjMVBqeby4RkcAqgPZXwzh4Sg1Za9W3OsjhYapffglI/D8RIqmkUTU3kMt
B/hOKYo4blLZOTunDd3TlqnISAIF+ZEZlAB7b06fKDRWJ9Le+kUwUvpBqiDdwHlv
i78oE649saWB+4wBx0aKdpqFfLl1ctF8JR/UwZjhRDXkXgaS/MmhdsUIBwAd7v6V
Fm7R84TQqR2l8uq6YESKlTXPilb7zAGUbDgwuCYXDB8vHFVcbAAf/1Jm3pZpiDGF
98QUapr1nmSBfqAopf1fDPdmFai31a9AI8pgc+i9dEJQVtQXeTZAhf6mJLBllmMv
6Qk+m3J3wjVZund+o2qrV2gmnY1BTG23lhzfa8o424Vtz6r91GBphMwY45iICDKh
iUhZeXD8kA==
=3UI2
-----END PGP SIGNATURE-----

Reply via email to