From 9dea3b16582d47bb8473518bdfc68516b92541b9 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Tue, 9 May 2023 05:17:35 +0000
Subject: [PATCH] import open-vm-tools-12.1.5-1.el9

---
 .gitignore                                    |  2 +-
 .open-vm-tools.metadata                       |  2 +-
 ...uthorization-on-incoming-guestOps-re.patch | 56 -------------------
 SPECS/open-vm-tools.spec                      | 25 +++++----
 4 files changed, 15 insertions(+), 70 deletions(-)
 delete mode 100644 SOURCES/ovt-Properly-check-authorization-on-incoming-guestOps-re.patch

diff --git a/.gitignore b/.gitignore
index 7e4186b..d478b40 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/open-vm-tools-12.0.5-19716617.tar.gz
+SOURCES/open-vm-tools-12.1.5-20735119.tar.gz
diff --git a/.open-vm-tools.metadata b/.open-vm-tools.metadata
index 1a5a185..378fafe 100644
--- a/.open-vm-tools.metadata
+++ b/.open-vm-tools.metadata
@@ -1 +1 @@
-dcdc35708fae2e3e3192fec7e6a93c7b5c0e3c4c SOURCES/open-vm-tools-12.0.5-19716617.tar.gz
+92cfc4bc23f3f4392a0e925d639aeac37c4aafb5 SOURCES/open-vm-tools-12.1.5-20735119.tar.gz
diff --git a/SOURCES/ovt-Properly-check-authorization-on-incoming-guestOps-re.patch b/SOURCES/ovt-Properly-check-authorization-on-incoming-guestOps-re.patch
deleted file mode 100644
index fa1d479..0000000
--- a/SOURCES/ovt-Properly-check-authorization-on-incoming-guestOps-re.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From 36bbeb1a40aeefc803e63e4ba4b2a4fd011e6d19 Mon Sep 17 00:00:00 2001
-From: Cathy Avery <cavery@redhat.com>
-Date: Mon, 29 Aug 2022 12:50:45 -0400
-Subject: [PATCH] Properly check authorization on incoming guestOps requests.
-
-RH-Author: Cathy Avery <cavery@redhat.com>
-RH-MergeRequest: 8: Properly check authorization on incoming guestOps requests.
-RH-Bugzilla: 2119286
-RH-Acked-by: Mohamed Gamal Morsy <mmorsy@redhat.com>
-RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
-RH-Acked-by: Vitaly Kuznetsov <vkuznets@redhat.com>
-RH-Commit: [1/1] 6a5114b10648885d5b7e9423f87ca41ecf041b7e
-
-Tested: Tested by QE
-Upstream Status: origin/master
-Conflicts: None
-
-    commit 70a74758bfe0042c27f15ce590fb21a2bc54d745
-    Author: John Wolfe <jwolfe@vmware.com>
-    Date:   Sun Aug 21 07:56:49 2022 -0700
-
-    Properly check authorization on incoming guestOps requests.
-
-    Fix public pipe request checks.  Only a SessionRequest type should
-    be accepted on the public pipe.
-
-Signed-off-by: Cathy Avery <cavery@redhat.com>
----
- open-vm-tools/vgauth/serviceImpl/proto.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/open-vm-tools/vgauth/serviceImpl/proto.c b/open-vm-tools/vgauth/serviceImpl/proto.c
-index db7159ee..6c672601 100644
---- a/open-vm-tools/vgauth/serviceImpl/proto.c
-+++ b/open-vm-tools/vgauth/serviceImpl/proto.c
-@@ -1,5 +1,5 @@
- /*********************************************************
-- * Copyright (C) 2011-2016,2019-2021 VMware, Inc. All rights reserved.
-+ * Copyright (C) 2011-2016,2019-2022 VMware, Inc. All rights reserved.
-  *
-  * This program is free software; you can redistribute it and/or modify it
-  * under the terms of the GNU Lesser General Public License as published
-@@ -1201,6 +1201,10 @@ Proto_SecurityCheckRequest(ServiceConnection *conn,
-    VGAuthError err;
-    gboolean isSecure = ServiceNetworkIsConnectionPrivateSuperUser(conn);
- 
-+   if (conn->isPublic && req->reqType != PROTO_REQUEST_SESSION_REQ) {
-+      return VGAUTH_E_PERMISSION_DENIED;
-+   }
-+
-    switch (req->reqType) {
-       /*
-        * This comes over the public connection; alwsys let it through.
--- 
-2.31.1
-
diff --git a/SPECS/open-vm-tools.spec b/SPECS/open-vm-tools.spec
index 8a8d19e..2ffc612 100644
--- a/SPECS/open-vm-tools.spec
+++ b/SPECS/open-vm-tools.spec
@@ -19,9 +19,9 @@
 ################################################################################
 
 %global _hardened_build 1
-%global majorversion    12.0
+%global majorversion    12.1
 %global minorversion    5
-%global toolsbuild      19716617
+%global toolsbuild      20735119
 %global toolsversion    %{majorversion}.%{minorversion}
 %global toolsdaemon     vmtoolsd
 %global vgauthdaemon    vgauthd
@@ -32,7 +32,7 @@
 
 Name:             open-vm-tools
 Version:          %{toolsversion}
-Release:          2%{?dist}
+Release:          1%{?dist}
 Summary:          Open Virtual Machine Tools for virtual machines hosted on VMware
 License:          GPLv2
 URL:              https://github.com/vmware/%{name}
@@ -51,10 +51,7 @@ ExclusiveArch:    x86_64 aarch64
 ExclusiveArch:    %{ix86} x86_64 aarch64
 %endif
 
-# For bz#2119286 - CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-9.1.0]
-Patch1: ovt-Properly-check-authorization-on-incoming-guestOps-re.patch
-
-# Source-git patches
+#Patch0: name.patch
 
 BuildRequires:    autoconf
 BuildRequires:    automake
@@ -411,12 +408,16 @@ fi
 
 %files test
 %{_bindir}/vmware-vgauth-smoketest
-
 %changelog
-* Tue Sep 06 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.0.5-2
-- ovt-Properly-check-authorization-on-incoming-guestOps-re.patch [bz#2119286]
-- Resolves: bz#2119286
-  (CVE-2022-31676 open-vm-tools: local root privilege escalation in the virtual machine [rhel-9.1.0])
+* Fri Dec 09 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.1.5-1
+- Rebase to open-vm-tools 12.1.5 [bz#2150190]
+- Resolves: bz#2150190
+  ([ESXi][RHEL9]Open-vm-tools release 12.1.5 has been released - please rebase)
+
+* Fri Sep 09 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.1.0-1
+- Rebase to open-mv-tools 12.1.0 [bz#2121203]
+- Resolves: bz#2121203
+  ([ESXi][RHEL9]Open-vm-tools release 12.1.0 has been released - please rebase)
 
 * Tue Jun 07 2022 Miroslav Rezanina <mrezanin@redhat.com> - 12.0.5-1
 - Rebase to open-vm-tools 12.0.5 [bz#2090275]