Package new upstream version open-vm-tools-12.1.0-20219665.

. fix for CVE-2022-31676 a local privilege escalation vulnerability.
  . address a number of Coverity reported issues.
Remove patch 1205-Properly-check-authorization-on-incoming-guestOps-re.patch
  as no longer needed.

.gitignore

@@ -24,3 +24,4 @@
 /open-vm-tools-11.3.5-18557794.tar.gz
 /open-vm-tools-12.0.0-19345655.tar.gz
 /open-vm-tools-12.0.5-19716617.tar.gz
+/open-vm-tools-12.1.0-20219665.tar.gz

1205-Properly-check-authorization-on-incoming-guestOps-re.patch

@@ -1,36 +0,0 @@
-From be635a7eaf7bd19177b7002aa2c793c78be77ecc Mon Sep 17 00:00:00 2001
-From: John Wolfe <jwolfe@vmware.com>
-Date: Wed, 10 Aug 2022 07:20:28 -0700
-Subject: [PATCH] Properly check authorization on incoming guestOps requests
-
-Fix public pipe request checks.  Only a SessionRequest type should
-be accepted on the public pipe.
----
- open-vm-tools/vgauth/serviceImpl/proto.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/open-vm-tools/vgauth/serviceImpl/proto.c b/open-vm-tools/vgauth/serviceImpl/proto.c
-index db7159e..c4f85b0 100644
---- a/vgauth/serviceImpl/proto.c
-+++ b/vgauth/serviceImpl/proto.c
-@@ -1,5 +1,5 @@
- /*********************************************************
-- * Copyright (C) 2011-2016,2019-2021 VMware, Inc. All rights reserved.
-+ * Copyright (c) 2011-2016,2019-2022 VMware, Inc. All rights reserved.
-  *
-  * This program is free software; you can redistribute it and/or modify it
-  * under the terms of the GNU Lesser General Public License as published
-@@ -1201,6 +1201,10 @@ Proto_SecurityCheckRequest(ServiceConnection *conn,
-    VGAuthError err;
-    gboolean isSecure = ServiceNetworkIsConnectionPrivateSuperUser(conn);
- 
-+   if (conn->isPublic && req->reqType != PROTO_REQUEST_SESSION_REQ) {
-+      return VGAUTH_E_PERMISSION_DENIED;
-+   }
-+
-    switch (req->reqType) {
-       /*
-        * This comes over the public connection; alwsys let it through.
--- 
-2.6.2
-

open-vm-tools.spec

@@ -19,9 +19,9 @@
 ################################################################################
 
 %global _hardened_build 1
-%global majorversion    12.0
-%global minorversion    5
-%global toolsbuild      19716617
+%global majorversion    12.1
+%global minorversion    0
+%global toolsbuild      20219665
 %global toolsversion    %{majorversion}.%{minorversion}
 %global toolsdaemon     vmtoolsd
 %global vgauthdaemon    vgauthd
@@ -32,7 +32,7 @@
 
 Name:             open-vm-tools
 Version:          %{toolsversion}
-Release:          3%{?dist}
+Release:          1%{?dist}
 Summary:          Open Virtual Machine Tools for virtual machines hosted on VMware
 License:          GPLv2
 URL:              https://github.com/vmware/%{name}
@@ -52,7 +52,7 @@ ExclusiveArch:    %{ix86} x86_64 aarch64
 %endif
 
 # Patches
-Patch1:           1205-Properly-check-authorization-on-incoming-guestOps-re.patch
+#Patch1:           <patch-name1>.patch
 
 BuildRequires:    autoconf
 BuildRequires:    automake
@@ -420,7 +420,14 @@ fi
 %{_bindir}/vmware-vgauth-smoketest
 
 %changelog
-* Sun Sept 4 2022 John Wolfe <jwolfe@vmware.com> - 12.0.5-3
+* Thu Sep 8 2022 John Wolfe <jwolfe@VMWARE.COM> - 12.1.0-1
+- Package new upstream version open-vm-tools-12.1.0-20219665.
+  . fix for CVE-2022-31676 - a local privilege escalation vulnerability.
+  . address a number of Coverity reported issues.
+- Remove patch 1205-Properly-check-authorization-on-incoming-guestOps-re.patch
+  as no longer needed.
+
+* Sun Sep 4 2022 John Wolfe <jwolfe@vmware.com> - 12.0.5-3
 - Add patch 1205-Properly-check-authorization-on-incoming-guestOps-re.patch
   to fix CVE-2022-31676 in open-vm-tools 12.0.5 tracked in PR 120976.
 - Correct build requirements - replace systemd-rpm-macros with systemd_udev.

sources

@@ -1 +1 @@
-SHA512 (open-vm-tools-12.0.5-19716617.tar.gz) = d0e842a33e423cb07f86c2c7c9b3d2e7bca85c49c922d14529a72db322931b3baedad386bffc1bb500bb4fe8b572529f3c63fc823732405849edb6344b405714
+SHA512 (open-vm-tools-12.1.0-20219665.tar.gz) = 00cd71a5fc25d854d0043b2ddfb7f759e3b3138acb9f33f7452641d7520e46bfa39ff784bde6c711de6e8aec24309720532100d7a8588fb1bebaa378b9566a2a