|
|
|
|
Changelog for open-vm-tools-desktop-12.3.5-4.2.i586.rpm :
* Mon Feb 26 2024 Dominique Leuenberger - Use %patch -P N instead of deprecated %patchN. * Wed Dec 20 2023 Dominique Leuenberger - Own %{_modulesloaddir}: used to be present via udev-mini -> kmod - > suse-module-tools dependency before. * Mon Dec 11 2023 Kirk Allan - Fix (bsc#1217796) - Fix outdated libxmlsec1 dependency version. Updates to open-vm-tools for SLES 12 SP4 and SP5 are now being built againt against libxmlsec1-1-1.2.37. Update the spec file to now require libxmlsec1-openssl1 >= 1.2.37. * Mon Oct 30 2023 Kirk Allan - Update to 12.3.5 (build 22544099) (boo#1216670) - There are no new features in the open-vm-tools 12.3.5 release. This is primarily a maintenance release that addresses a few critical problems, including: - This release resolves CVE-2023-34058. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html. - This release resolves CVE-2023-34059 which only affects open-vm-tools. For more information on this vulnerability, please see the Resolved Issues section of the Release Notes. - A GitHub issue has been handled. Please see the Resolved Issues section of the Release Notes. - An update to the deployPkg plugin to coordinate with recent releases of cloud-init for improvement for guest VM customization. - For issues resolved in this release, see the Resolved Issues section of the Release Notes. - For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5 - Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/ReleaseNotes.md - The granular changes that have gone into the 12.3.5 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog- Drop patch now contained in 12.3.5: - CVE-2023-34058.patch - CVE-2023-34059.patch * Sun Oct 22 2023 Bjørn Lie - Drop pkgconfig(gdk-pixbuf-xlib-2.0) BuildRequires: No longer needed, nor used (since 12.3.0 release). * Fri Oct 20 2023 Kirk Allan - Fix (bsc#1216432) - VUL-0: CVE-2023-34058: open-vm-tools: SAML token signature bypass vulnerability.- Fix (bsc#1216433) - VUL-0: : CVE-2023-34059: open-vm-tools: file descriptor hijack vulnerability + Add patch: - CVE-2023-34058.patch - CVE-2023-34059.patch * Thu Sep 28 2023 Kirk Allan - 15 sp4 currently uses open-vm-tools rpms from 15 sp3. As such, enable the spec file fix for bug (bsc#1205927) for 15 sp3 onwards. * Thu Sep 21 2023 Marcus Meissner - open-vm-tools is built with containerinfo plugin from 15 sp3 onwards * Wed Sep 06 2023 Kirk Allan - Update to 12.3.0 (build 22234872) (boo#1214850) - There are no new features in the open-vm-tools 12.3.0 release. This is primarily a maintenance release that addresses a few critical problems, including: - This release integrates CVE-2023-20900 without the need for a patch. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html. - A tools.conf configuration setting is available to temporaily direct Linux quiesced snaphots to restore pre open-vm-tools 12.2.0 behavior of ignoring file systems already frozen. - Building of the VMware Guest Authentication Service (VGAuth) using \"xml-security-c\" and \"xerces-c\" is being deprecated. - A number of Coverity reported issues have been addressed. - A number of GitHub issues and pull requests have been handled. Please see the Resolves Issues section of the Release Notes. - For issues resolved in this release, see the Resolved Issues section of the Release Notes. - For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.0 - Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md - The granular changes that have gone into the 12.3.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/ChangeLog- Fix (bsc#1205927) - hv_vmbus module is loaded unnecessarily in VMware guests- jsc-PED-1344 - reinable building containerinfo plugin for SLES 15 SP4.- Drop patch now contained in 12.3.0: + 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch + 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch + 2023-20867-Remove-some-dead-code.patch + CVE-20230-20900.patch * Mon Aug 28 2023 Kirk Allan - Fix (bsc#1214566) - (CVE-2023-20900) - VUL-0: CVE-2023-20900: open-vm-tools: SAML token signature bypass vulnerability + Add patch: CVE-20230-20900.patch * Tue Jun 27 2023 Dirk Müller - limit to protobuf < 22 for now until build failures have been fixed * Mon Jun 12 2023 Kirk Allan - Fix (bsc#1212143) - (CVE-2023-20867) - VUL-0: CVE-2023-20867: open-vm-tools: Authentication Bypass vulnerability in the vgauth module + Add patch: 2023-20867-Remove-some-dead-code.patch * Tue May 02 2023 Jan Engelhardt - Add 0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch, 0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch [boo#1210695]- Reduce generated script size by coalescing multiple %service_ * * Tue Apr 04 2023 Kirk Allan - As per jsc-PED-1344, update spec file to only build the containerinfo plugin for TW/SLES 15 SP5 and newer. * Tue Mar 28 2023 Kirk Allan - Update to 12.2.0 (build 21223074) (boo#1209128) - There are no new features in the open-vm-tools 12.2.0 release. This is primarily a maintenance release that addresses a few critical problems, including: - Linux quiesced snapshots have been updated to avoid intermittent hangs of the vmtoolsd process. - Updated the guestOps to handle some edge cases when File_GetSize() fails or returns -1. - A number of Coverity reported issues have been addressed. - Detect the proto files for the containerd grpc client in alternate locations. Pull request #626 - FreeBSD: Support newer releases and code clean-up for earlier versions. Pull request #584 - Please refer to the release notes at https://github.com/vmware/open-vm-tools/blob/stable-12.2.0/ReleaseNotes.md - The granular changes that have gone into the 12.2.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.2.0/ open-vm-tools/ChangeLog- Update detect-suse-location.patch to remove upstream accepted portion of the patch (jsc-PED-1344). * Wed Dec 28 2022 Stefan Schubert - Migration of PAM settings to /usr/lib/pam.d. * Wed Dec 14 2022 Kirk Allan - Don\'t list libgrpc++, libgrpc, and libprotobuf in the containerinfo Requires section. The dependencies will be added automatically. * Tue Dec 13 2022 Kirk Allan - Don\'t use new LDFLAGS, -labsl_synchronization -lgpr, when building for SLE. * Mon Dec 12 2022 Caleb Crane - Add containerInfo plugin (jsc-PED-1344) - Add dependencies on grpc, protobuf, and containerd for container introspection- Added patches (jsc-PED-1344) + detect-suse-location.patch * Thu Dec 08 2022 Caleb Crane - Add _service to handle open-vm-tools sources- Update to 12.1.5 (build 20735119) (boo#1205962) - A number of Coverity reported issues have been addressed. - The deployPkg plugin may prematurely reboot the guest VM before cloud-init has completed user data setup. If both the Perl based Linux customization script and cloud-init run when the guest VM boots, the deployPkg plugin may reboot the guest before cloud-init has finished. The deployPkg plugin has been updated to wait for a running cloud-init process to finish before the guest VM reboot is initiated. This issue is fixed in this release. - A SIGSEGV may be encountered when a non-quiesing snapshot times out. This issue is fixed in this release. - Unwanted vmtoolsd service error message if not on a VMware hypervisor. When open-vm-tools comes preinstalled in a base Linux release, the vmtoolsd services are started automatically at system start and desktop login. If running on physical hardware or in a non-VMware hypervisor, the services will emit an error message to the Systemd\'s logging service before stopping. This issue is fixed in this release. * Thu Aug 25 2022 Kirk Allan - Update to 12.1.0 (build 20219665) (boo#1202733) + New/Updated features: - Contains security update fix for (bsc#1202657) - (CVE-2022-31676) VUL-0: CVE-2022-31676: open-vm-tools: local privilege escalation vulnerability + A number of Coverity reported issues have been addressed. + [FTBFS] Fix the build of the ContainerInfo plugin for a 32-bit Linux release: https://github.com/vmware/open-vm-tools/pull/588 + Make HgfsConvertFromNtTimeNsec aware of 64-bit time_t on i386 (32-bit) This change incorporates the support of 64 bit time epoch conversion from Windows NT time to Unix Epoch time on i386. https://github.com/vmware/open-vm-tools/pull/387- Drop patch now contained in 12.1.0: + gcc_size_t.patch * Mon Mar 28 2022 Kirk Allan - Update to 12.0.0 (build 19345655) (boo#1196803)- jsc#SLE-24097 ECO Update open-vm-tools 12.0.0 + New/Updated features: - Support for managing Salt Minion through guest variables. A new open-vm-tools-salt-minion rpm is added to handle this support. jsc#SLE-24094 Update open-vm-tools 12.0.0 SLES15SP4 jsc#SLE-24095 Update open-vm-tools 12.0.0 SLES15SP3 jsc#SLE-24096 Update open-vm-tools 12.0.0 SLES12SP5 - New ComponentMgr plugin to manage (add, remove, monitor) components on the guest VM. - Patch to fix potential Fail to Build from Source [FTBFS] (boo#1196804). - Build vmhgfs with either libfuse2 or libfuse3. + A number of Coverity and Codacy reported issues have been addressed. + The following issues and pull requests reported on github.com/vmware/open-vm-tools have been addressed: Issue # 128, Issue # 314, Pull # 513, Pull # 544, Pull # 573- Added patches + gcc_size_t.patch (boo#1196804) * Mon Oct 04 2021 Kirk Allan - Update to 11.3.5 (build 18557794) (boo#1190987) + New/Updated features: - Added a configurable logging capability to the network script. The network script has been updated to: use vmware-toolbox-cmd to query any network logging configuration from the tools.conf file. Use vmtoolsd --cmd \"log ...\" to log a message to the vmx logfile when the logging handler is configured to \"vmx\" or when the logfile is full or is not writeable. - The hgfsmounter (mount.vmhgfs) command has been removed from open-vm-tools. The hgfsmounter (mount.vmhgfs) command is no longer used in Linux open-vm-tools. It has been replaced by hgfs-fuse. Therefore, removing all references to the hgfsmounter in Linux builds. + Resolved issues: - Customization: Retry the Linux reboot if telinit is a soft link to systemctl. - Open-vm-tools commands would hang if configured with \"--enable-valgrind\". + Spec file updates for: - rpmlint errors - arg_xmlsec1 --enable-xmlsec1 for better xmlsec1/libxml2 handling. * Thu Jun 24 2021 Kirk Allan - Update to 11.3.0 (build 18090558) (boo#1187567) + Resolved issues: - The following github issues and pull requests have been resolved: 446, 481, 500, and 509 - The following Pull requests have been resolved: 474 and 505 - A number of issues detected by Coverity, internally or by third parties, have been addressed. - A command line tool, vmwgfxctrl, has been added to open-vm-tools for Linux that can be used to control various aspects of the vmwgfx Linux kernel module. Currently it can both display and set the current topology of the vmwgfx kernel driver. It is useful when trying to configure custom resolutions on recent Linux distributions, including multi-monitor setups. - A command line tool, vmware-alias-import, has been added to open-vm-tools that can be used to import vgauth config data and apply it to the running vgauth service. - Enhancements to support or utilize various vSphere features.- Fixed bug (bsc#1185175) In vmtoolsd.service move deprecated path \"/var/run\" to \"/run\" for it\'s PIDfile.- Update pam-vmtoolsd.patch to compensate for new line numbers.- Drop patch now contained in 11.3.0: - open-vm-tools-glib-2.67.patch - open-vm-tools-pollGtk.patch * Thu May 06 2021 Kirk Allan - Add open-vm-tools-pollGtk.patch: Fixes boo#1185103 GCC 11: open-vm-tools package fails. * Fri Mar 26 2021 Dominique Leuenberger - Add open-vm-tools-glib-2.67.patch: Fix build with glib 2.67. Patch has been borrowed by Fedora, upstream is still busy working out a patch (I\'d not be surprised if they end up merging this finally. https://github.com/vmware/open-vm-tools/issues/500 * Mon Mar 15 2021 Ludwig Nussel - prepare usrmerge (boo#1029961) * Thu Jan 21 2021 Kirk Allan - Update to 11.2.5 (build 17337674) (boo#1180997) + Resolved issues: - The SUSE specific vmtoolsd PAM configuration file incorrectly referenced pam_securetty.so. - The following issues and pull requests reported on https://github.com/vmware/open-vm-tools have been addressed: https://github.com/vmware/open-vm-tools/issues/467 https://github.com/vmware/open-vm-tools/issues/468 https://github.com/vmware/open-vm-tools/pull/469 - A number of Coverity reported errors and false positives have been addressed. - A complete list of the granular changes that are in the open-vm-tools 11.2.5 release is available at: https://github.com/vmware/open-vm-tools/blob/stable-11.2.5/open-vm-tools/ChangeLog- Update pam-vmtoolsd.patch: With the pam_securetty.so entry fixed, only need the modified Makefile.am portion of the patch which copies the suse file to the /etc/pam.d/vmtoolsd file rather than the default generic file.
|
|
|