[ALSA-2023:7277] Important: open-vm-tools security update
Type:
security
Severity:
important
Release date:
2023-11-16
Description:
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fix(es): * open-vm-tools: SAML token signature bypass (CVE-2023-34058) * open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper (CVE-2023-34059) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 open-vm-tools-desktop-12.2.5-3.el9_3.2.alma.1.aarch64.rpm 8b1fc49623330decb8caaf97bbada6252a4e6a02afc31446b9bec4466dc4ec64
aarch64 open-vm-tools-12.2.5-3.el9_3.2.alma.1.aarch64.rpm 916f6eb36e4dbda2f52790a7f365d119538b9634b0f30c7128480600179f3916
aarch64 open-vm-tools-test-12.2.5-3.el9_3.2.alma.1.aarch64.rpm cfe9053665bde957322935bf9d23e0fd5be2f9d41f52483530ec2ef30b1a461f
x86_64 open-vm-tools-desktop-12.2.5-3.el9_3.2.alma.1.x86_64.rpm 00264659fc0e0cfeaea1232782e496ee96d571f66566cf9e8e27a4d19f9af93d
x86_64 open-vm-tools-test-12.2.5-3.el9_3.2.alma.1.x86_64.rpm 22395d56c8e25947c4bb785b16c6e8d3586550f447eaa4d42ed666162425d694
x86_64 open-vm-tools-salt-minion-12.2.5-3.el9_3.2.alma.1.x86_64.rpm 2f03d0a85d434d52977a64432fd5cdbcceecdae659b86ad58270fa3eb11b3a15
x86_64 open-vm-tools-12.2.5-3.el9_3.2.alma.1.x86_64.rpm 88d91581166ba971cebd21c88128fc2ed2f7ecf0f06f945f0c351dd2d8f7f531
x86_64 open-vm-tools-sdmp-12.2.5-3.el9_3.2.alma.1.x86_64.rpm 98d74f1e365c39b2a77b5ccd38d7617dfbc34f7b388f2f26895347fe9b0f92bc
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.