Bug 274760 - emulators/open-vm-tools: update to open-vm-tools 12.3.5
Summary: emulators/open-vm-tools: update to open-vm-tools 12.3.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Renato Botelho
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-27 22:19 UTC by John Wolfe
Modified: 2023-11-01 19:27 UTC (History)
5 users (show)

See Also:
bugzilla: maintainer-feedback? (garga)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Wolfe 2023-10-27 22:19:23 UTC 
open-vm-tools 12.3.0 was released on Oct. 26, 2023

There are no new features in the open-vm-tools 12.3.5 release. This is primarily a maintenance release that addresses a few critical problems, including:

  *   This release resolves CVE-2023-34058<https://github.com/advisories/GHSA-h5hf-5wcj-6hmf>. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html.

  *   This release resolves CVE-2023-34059<https://github.com/advisories/GHSA-q6p8-m5f4-4vmp> which only affects open-vm-tools. For more information on this vulnerability, please see the Resolved Issues section of the Release Notes.

  *   A GitHub issue has been handled. Please see the Resolved Issues section of the Release Notes.

  *   For issues resolved in this release, see the Resolved Issues <https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md#resolved-issues> section of the Release Notes.

For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5

Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/ReleaseNotes.md

The granular changes that have gone into the 12.3.5 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog
Comment 1 Yuhua Zou 2023-10-31 02:18:42 UTC 
3rd PR from John Wolfe:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268114
Comment 2 Yuhua Zou 2023-10-31 02:22:46 UTC 
(In reply to Yuhua Zou from comment #1)
Please ignore this comment.
Comment 3 commit-hook freebsd_committer freebsd_triage 2023-11-01 19:25:44 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=541748a4f62100300eb7716ff1a4eb091e5edf0a

commit 541748a4f62100300eb7716ff1a4eb091e5edf0a
Author:     Renato Botelho <garga@FreeBSD.org>
AuthorDate: 2023-11-01 19:12:24 +0000
Commit:     Renato Botelho <garga@FreeBSD.org>
CommitDate: 2023-11-01 19:25:27 +0000

    emulators/open-vm-tools: Update to 12.3.5

    PR:             274760
    Reported by:    John Wolfe <jwolfe@vmware.com>
    Security:       CVE-2023-34058
                    CVE-2023-34059
    Sponsored by:   Rubicon Communications, LLC ("Netgate")

 emulators/open-vm-tools/Makefile | 2 +-
 emulators/open-vm-tools/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
Comment 4 commit-hook freebsd_committer freebsd_triage 2023-11-01 19:27:45 UTC 
A commit in branch 2023Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2e4cd054c224d5ba810df709a790bf44606eb911

commit 2e4cd054c224d5ba810df709a790bf44606eb911
Author:     Renato Botelho <garga@FreeBSD.org>
AuthorDate: 2023-11-01 19:12:24 +0000
Commit:     Renato Botelho <garga@FreeBSD.org>
CommitDate: 2023-11-01 19:27:13 +0000

    emulators/open-vm-tools: Update to 12.3.5

    PR:             274760
    Reported by:    John Wolfe <jwolfe@vmware.com>
    Security:       CVE-2023-34058
                    CVE-2023-34059
    Sponsored by:   Rubicon Communications, LLC ("Netgate")

    (cherry picked from commit 541748a4f62100300eb7716ff1a4eb091e5edf0a)

 emulators/open-vm-tools/Makefile | 2 +-
 emulators/open-vm-tools/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)