* Mon Dec 04 2023 Miroslav Rezanina <mrezanin@redhat.com> - 12.3.5-2

* Thu Nov 09 2023 Miroslav Rezanina <mrezanin@redhat.com> - 12.3.5-1
- Rebase to 12.3.5-1 [RHEL-15058] - Fixed CVE-2023-34058 [RHEL-14653] - Fixed CVE-2023-34059 [RHEL-14687] - Resolves: RHEL-15058 ([ESXi][RHEL9]open-vm-tools version 12.3.5 has been released - please rebase) - Resolves: RHEL-14653 (CVE-2023-34058 open-vm-tools: SAML token signature bypass [rhel-9.4.0]) - Resolves: RHEL-14687 (CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper [rhel-9.4.0])
2023-12-05 08:57:12 +00:00 · 2023-11-09 04:47:36 -05:00
2 changed files with 9 additions and 1 deletions
--- a/open-vm-tools.spec
+++ b/open-vm-tools.spec
@ -31,7 +31,7 @@

 Name:             open-vm-tools
 Version:          %{toolsversion}
-Release:          1%{?dist}
+Release:          2%{?dist}
 Summary:          Open Virtual Machine Tools for virtual machines hosted on VMware
 License:          GPLv2
 URL:              https://github.com/vmware/%{name}
@ -418,6 +418,11 @@ fi
 %{_bindir}/vmware-vgauth-smoketest

 %changelog
+* Mon Dec 04 2023 Miroslav Rezanina <mrezanin@redhat.com> - 12.3.5-2
+- ovt-Restart-tools-on-failure.patch [RHEL-15346]
+- Resolves: RHEL-15346
+  (Add Restart=on-failure to vmtoolsd.service)
+
 * Thu Nov 09 2023 Miroslav Rezanina <mrezanin@redhat.com> - 12.3.5-1
 - Rebase to 12.3.5-1 [RHEL-15058]
 - Fixed CVE-2023-34058 [RHEL-14653]
--- a/vmtoolsd.service
+++ b/vmtoolsd.service
@ -4,10 +4,13 @@ Documentation=https://github.com/vmware/open-vm-tools
 ConditionVirtualization=vmware
 Requires=vgauthd.service
 After=vgauthd.service
+StartLimitIntervalSec=30
+StartLimitBurst=3

 [Service]
 ExecStart=/usr/bin/vmtoolsd
 TimeoutStopSec=5
+Restart=on-failure

 [Install]
 WantedBy=multi-user.target