import open-vm-tools-12.0.5-2.el8

This commit is contained in:
CentOS Sources 2022-11-08 01:39:49 -05:00 committed by Stepan Oksanichenko
parent b858d91471
commit 0337d945d0
4 changed files with 48 additions and 18 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/open-vm-tools-11.3.5-18557794.tar.gz SOURCES/open-vm-tools-12.0.5-19716617.tar.gz

View File

@ -1 +1 @@
f6990193579d96a04bfec6f09e93e0164deef71e SOURCES/open-vm-tools-11.3.5-18557794.tar.gz dcdc35708fae2e3e3192fec7e6a93c7b5c0e3c4c SOURCES/open-vm-tools-12.0.5-19716617.tar.gz

View File

@ -1,17 +1,17 @@
From 78c066aa4912d8ccea958dffc39a73667c9979c6 Mon Sep 17 00:00:00 2001 From c8e1e5c668ead319b7a91a3a3d7decb114c5daef Mon Sep 17 00:00:00 2001
From: Cathy Avery <cavery@redhat.com> From: Cathy Avery <cavery@redhat.com>
Date: Mon, 29 Aug 2022 12:50:45 -0400 Date: Mon, 29 Aug 2022 12:50:45 -0400
Subject: [PATCH] Properly check authorization on incoming guestOps requests. Subject: [PATCH] Properly check authorization on incoming guestOps requests.
RH-Author: Cathy Avery <cavery@redhat.com> RH-Author: Cathy Avery <cavery@redhat.com>
RH-MergeRequest: 11: Properly check authorization on incoming guestOps requests. RH-MergeRequest: 12: Properly check authorization on incoming guestOps requests.
RH-Bugzilla: 2119283 RH-Bugzilla: 2119284
RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com> RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com> RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com> RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
RH-Commit: [1/1] 546959f6b3546cc19ff844041ff363ea46793d6c RH-Commit: [1/1] d2f10cdcba9d606492f371790c3a0be5b8ce965c
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2119283 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2119284
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=47491717 Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=47492094
Tested: Tested by QE Tested: Tested by QE
Upstream Status: origin/master Upstream Status: origin/master
Conflicts: None Conflicts: None
@ -27,7 +27,7 @@ Conflicts: None
Signed-off-by: Cathy Avery <cavery@redhat.com> Signed-off-by: Cathy Avery <cavery@redhat.com>
--- ---
vgauth/serviceImpl/proto.c | 6 +++++- open-vm-tools/vgauth/serviceImpl/proto.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-) 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/open-vm-tools/vgauth/serviceImpl/proto.c b/open-vm-tools/vgauth/serviceImpl/proto.c diff --git a/open-vm-tools/vgauth/serviceImpl/proto.c b/open-vm-tools/vgauth/serviceImpl/proto.c

View File

@ -19,9 +19,9 @@
################################################################################ ################################################################################
%global _hardened_build 1 %global _hardened_build 1
%global majorversion 11.3 %global majorversion 12.0
%global minorversion 5 %global minorversion 5
%global toolsbuild 18557794 %global toolsbuild 19716617
%global toolsversion %{majorversion}.%{minorversion} %global toolsversion %{majorversion}.%{minorversion}
%global toolsdaemon vmtoolsd %global toolsdaemon vmtoolsd
%global vgauthdaemon vgauthd %global vgauthdaemon vgauthd
@ -32,7 +32,7 @@
Name: open-vm-tools Name: open-vm-tools
Version: %{toolsversion} Version: %{toolsversion}
Release: 1%{?dist}.1 Release: 2%{?dist}
Summary: Open Virtual Machine Tools for virtual machines hosted on VMware Summary: Open Virtual Machine Tools for virtual machines hosted on VMware
License: GPLv2 License: GPLv2
URL: https://github.com/vmware/%{name} URL: https://github.com/vmware/%{name}
@ -44,7 +44,7 @@ Source3: run-vmblock\x2dfuse.mount
Source4: open-vm-tools.conf Source4: open-vm-tools.conf
Source5: vmtoolsd.pam Source5: vmtoolsd.pam
# For bz#2119283 - CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-8.6.0.z] # For bz#2119284 - CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-8.7.0]
Patch1: ovt-Properly-check-authorization-on-incoming-guestOps-re.patch Patch1: ovt-Properly-check-authorization-on-incoming-guestOps-re.patch
%if 0%{?rhel} >= 7 %if 0%{?rhel} >= 7
@ -144,6 +144,15 @@ This package contains only the user-space programs and utility scripts of
%{name} that are essential for performing service discovery in VMware %{name} that are essential for performing service discovery in VMware
virtual machines by vRealize Operations Service Discovery Management Pack. virtual machines by vRealize Operations Service Discovery Management Pack.
%package salt-minion
Summary: Script file to install/uninstall salt-minion
Group: System Environment/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}, systemd, curl, coreutils, gawk, grep
ExclusiveArch: x86_64
%description salt-minion
This package contains a script to setup Salt Minion on VMware virtual machines.
%package devel %package devel
Summary: Development libraries for Open Virtual Machine Tools Summary: Development libraries for Open Virtual Machine Tools
Requires: %{name}%{?_isa} = %{version}-%{release} Requires: %{name}%{?_isa} = %{version}-%{release}
@ -173,6 +182,9 @@ autoreconf -vif
--enable-xmlsec1 \ --enable-xmlsec1 \
--enable-resolutionkms \ --enable-resolutionkms \
--enable-servicediscovery \ --enable-servicediscovery \
%ifarch x86_64
--enable-salt-minion \
%endif
%if 0%{?fedora} || 0%{?rhel} >= 8 %if 0%{?fedora} || 0%{?rhel} >= 8
--with-tirpc \ --with-tirpc \
--without-gtk2 \ --without-gtk2 \
@ -347,6 +359,7 @@ fi
%{_libdir}/%{name}/plugins/common/*.so %{_libdir}/%{name}/plugins/common/*.so
%dir %{_libdir}/%{name}/plugins/vmsvc %dir %{_libdir}/%{name}/plugins/vmsvc
%{_libdir}/%{name}/plugins/vmsvc/libappInfo.so %{_libdir}/%{name}/plugins/vmsvc/libappInfo.so
%{_libdir}/%{name}/plugins/vmsvc/libcomponentMgr.so
%{_libdir}/%{name}/plugins/vmsvc/libdeployPkgPlugin.so %{_libdir}/%{name}/plugins/vmsvc/libdeployPkgPlugin.so
%{_libdir}/%{name}/plugins/vmsvc/libgdp.so %{_libdir}/%{name}/plugins/vmsvc/libgdp.so
%{_libdir}/%{name}/plugins/vmsvc/libguestInfo.so %{_libdir}/%{name}/plugins/vmsvc/libguestInfo.so
@ -375,6 +388,13 @@ fi
%{_libdir}/%{name}/plugins/vmsvc/libserviceDiscovery.so %{_libdir}/%{name}/plugins/vmsvc/libserviceDiscovery.so
%{_libdir}/%{name}/serviceDiscovery %{_libdir}/%{name}/serviceDiscovery
%ifarch x86_64
%files salt-minion
%dir %{_libdir}/%{name}/componentMgr/
%dir %{_libdir}/%{name}/componentMgr/saltMinion/
%{_libdir}/%{name}/componentMgr/saltMinion/svtminion.sh
%endif
%files devel %files devel
%doc docs/api/build/* %doc docs/api/build/*
%exclude %{_includedir}/libDeployPkg/ %exclude %{_includedir}/libDeployPkg/
@ -391,12 +411,22 @@ fi
%{_bindir}/vmware-vgauth-smoketest %{_bindir}/vmware-vgauth-smoketest
%changelog %changelog
* Fri Sep 02 2022 Jon Maloy <jmaloy@redhat.com> - 11.3.5-1.el8_6.1 * Tue Sep 06 2022 Jon Maloy <jmaloy@redhat.com> - 12.0.5-2
- ovt-Properly-check-authorization-on-incoming-guestOps-re.patch [bz#2119283] - ovt-Properly-check-authorization-on-incoming-guestOps-re.patch [bz#2119284]
- Resolves: bz#2119283 - Resolves: bz#2119284
(CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-8.6.0.z]) (CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-8.7.0])
* Mon Oct 18 2021 Miroslav Rezanian <mrezanin@redhat.com> - 11.3.5-1.el9 * Tue Jun 07 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.0.5-1
- Rebase to open-vm-tools 12.0.5 [bz#2090273]
- Resolves: bz#2090273
([ESXi][RHEL8]Open-vm-tools release 12.0.5 has been released - please rebase)
* Thu Apr 28 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.0.0-1
- Rebase to open-vm-tools 12.0.0 [bz#2061189]
- Resolves: bz#2061189
([ESXi][RHEL8]Open-vm-tools release 12.0.0 has been released - please rebase)
* Mon Oct 18 2021 Miroslav Rezanian <mrezanin@redhat.com> - 11.3.5-1
- Rebase to open-vm-tools 11.3.5 [bz#2008244] - Rebase to open-vm-tools 11.3.5 [bz#2008244]
- Resolves: bz#2008244 - Resolves: bz#2008244
([ESXi][RHEL8]Open-vm-tools release 11.3.5 has been released - please rebase) ([ESXi][RHEL8]Open-vm-tools release 11.3.5 has been released - please rebase)