Your message dated Mon, 03 Jun 2019 10:02:08 +
with message-id
and subject line Bug#925959: fixed in open-vm-tools 2:10.1.5-5055683-4+deb9u2
has caused the Debian Bug report #925959,
regarding open-vm-tools: insecure handling of /tmp/VMwareDnD
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
925959: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925959
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: open-vm-tools
Version: 2:9.4.6-1770165-1
Severity: critical
Tags: security upstream
Upstream released 10.3.10, which contains a fix for a long standing
security issue:
commit e88f91b00a715b79255de6576506d80ecfdb064c
Author: Oliver Kurth
Date: Tue Jan 29 14:03:19 2019 -0800
Fix possible security issue with the permissions of the intermediate
staging directory and path
/tmp/VMwareDnD is a staging directory used for DnD and CnP. It should be
a regular directory, but malicious code or user may create the /tmp/VMwareDnD
as a symbolic link which points elsewhere on the system. This may provide
user access to user B's files.
Do not set the permission of the root directory if the root directory
already exists and has the wrong permission. The permission of the directory
must be 1777 if it is created by the VMTools. If not, then the directory
has been created or modified by malicious code or user, so just cancel the
host to guest DnD or CnP operation.
This is probably broken since ever. Patching this in all (LTS)
supported releases should be easy.
--
Bernd Zeimetz                            Debian GNU/Linux Developer
http://bzed.de                                http://www.debian.org
GPG Fingerprint: ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F
--- End Message ---
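The check the commit message describes, as an added C example that is not part of this thread and is not the upstream open-vm-tools patch. `staging_root_usable`, `demo_case` and the temporary paths are hypothetical names, and the four scenarios are constructed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
#define STAGING_MODE 01777 /* mode the commit message requires */

/* Hypothetical helper: true only if root is a real directory with mode 1777. An existing
 * root is inspected, never chmod'ed; only one created here has its mode set (umask). */
bool staging_root_usable(const char *root)
{
    struct stat st;
    bool created = (mkdir(root, STAGING_MODE) == 0);
    if (!created && errno != EEXIST) return false;
    /* O_NOFOLLOW: a symlink sitting at root makes open() fail. */
    int fd = open(root, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return false;
    bool ok = (!created || fchmod(fd, STAGING_MODE) == 0)
           && fstat(fd, &st) == 0 && S_ISDIR(st.st_mode)
           && (st.st_mode & 07777) == STAGING_MODE;
    close(fd);
    return ok; /* false: cancel the DnD/CnP operation */
}

/* Constructed scenarios in a private temp dir. kind: 0 = root absent,
 * 1 = existing 0755 dir, 2 = symlink to another dir, 3 = existing 1777 dir. */
int demo_case(int kind)
{
    char base[] = "/tmp/dnd-demo-XXXXXX", root[64], other[64];
    if (!mkdtemp(base)) return -1;
    snprintf(root, sizeof root, "%s/VMwareDnD", base);
    snprintf(other, sizeof other, "%s/elsewhere", base);
    mkdir(other, 0700);
    if (kind == 1 || kind == 3) {
        mkdir(root, 0755);
        chmod(root, kind == 1 ? 0755 : STAGING_MODE);
    }
    int result = (kind == 2 && symlink(other, root) != 0) ? -1 : staging_root_usable(root);
    unlink(root); /* case 2: removes the symlink; fails harmlessly on a dir */
    rmdir(root); rmdir(other); rmdir(base);
    return result;
}
int main(void)
{
    for (int k = 0; k < 4; k++) printf("case %d -> %d\n", k, demo_case(k));
    return 0;
}
```

This mirrors only the file-type and mode check from the commit message; it does not examine who owns a pre-existing directory.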
--- Begin Message ---
Source: open-vm-tools
Source-Version: 2:10.1.5-5055683-4+deb9u2
We believe that the bug you reported is fixed in the latest version of
open-vm-tools, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 925...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bernd Zeimetz (supplier of updated open-vm-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 05 Apr 2019 23:10:04 +0200
Source: open-vm-tools
Binary: open-vm-tools open-vm-tools-desktop open-vm-tools-dev open-vm-tools-dkms
Architecture: source amd64 all
Version: 2:10.1.5-5055683-4+deb9u2
Distribution: stable
Urgency: medium
Maintainer: Bernd Zeimetz
Changed-By: Bernd Zeimetz
Description:
open-vm-tools - Open VMware Tools for virtual machines hosted on VMware (CLI)
open-vm-tools-desktop - Open VMware Tools for virtual machines hosted on VMware (GUI)
open-vm-tools-dev - Open VMware Tools for virtual machines hosted on VMware (developm
open-vm-tools-dkms - Open VMware Tools vmxnet kernel module (deprecated)
Closes: 925959
Changes:
open-vm-tools (2:10.1.5-5055683-4+deb9u2) stable; urgency=medium
.
* [34db05f] /tmp/VMwareDnD permissions security fix.
Fix possible security issue with the permissions of the intermediate
staging directory and path
/tmp/VMwareDnD is a staging directory used for DnD and CnP. It should be
a regular directory, but malicious code or user may create the /tmp/VMwareDnD
as a symbolic link which points elsewhere on the system. This may provide
user access to user B's files.
Do not set the permission of the root directory if the root directory
already exists and has the wrong permission. The permission of the directory
must be 1777 if it is created by the VMTools. If not, then the directory
has been created or modified by malicious code or user, so just cancel the
host to guest DnD or CnP operation. (Closes: #925959)
Checksums-Sha1: