1214850 – open-vm-tools 12.3.0 has been released - please rebase

Bug 1214850 - open-vm-tools 12.3.0 has been released - please rebase

Summary: open-vm-tools 12.3.0 has been released - please rebase

Status:	RESOLVED FIXED

Alias:	None

Product:	openSUSE Tumbleweed
Classification:	openSUSE
Component:	Virtualization:Tools (show other bugs)
Version:	Current
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Kirk Allan
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2023-08-31 23:22 UTC by John Wolfe
Modified:	2024-03-27 16:34 UTC (History)
CC List:	7 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Wolfe 2023-08-31 23:22:44 UTC

open-vm-tools 12.3.0 was released on Aug. 31, 2023.

Also affects project (?) Also affects distribution/package
Edit
Bug Description

There are no new features in the open-vm-tools 12.3.0 release. This is primarily a maintenance release that addresses a few critical problems, including:

This release resolves CVE-2023-20900. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html.

A tools.conf configuration setting is available to temporaily direct Linux quiesced snaphots to restore pre open-vm-tools 12.2.0 behavior of ignoring file systems already frozen.

Building of the VMware Guest Authentication Service (VGAuth) using "xml-security-c" and "xerces-c" is being deprecated.

A number of Coverity reported issues have been addressed.

A number of GitHub issues and pull requests have been handled. Please see the Resolves Issues section of the Release Notes.

For issues resolved in this release, see the Resolved Issues section of the Release Notes.

For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.0

Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md

The granular changes that have gone into the 12.3.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/ChangeLog

Note: With the changes upstreamed and the fix for CVE-2023-20867 in the source, you may not need the following patches in your open-vm-toold pacjage build:

0001-build-put-l-specifiers-into-LIBADD-not-LDFLAGS.patch
0002-build-use-grpc-pkgconfig-to-retrieve-flags-libraries.patch
2023-20867-Remove-some-dead-code.patch
detect-suse-location.patch

Please rebase open-vm-tools version 12.3.0 in supported releases of SLES 12 and SLES 15 for x86_64/amd64 and aarch64/ARM64 architectures as appropriate.

Comment 2 Maintenance Automation 2023-09-26 20:30:11 UTC

SUSE-SU-2023:3795-1: An update that solves one vulnerability, contains one feature and has one security fix can now be installed.

Category: security (important)
Bug References: 1205927, 1214850
CVE References: CVE-2023-20900
Jira References: PED-1344
Sources used:
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): open-vm-tools-12.3.0-4.59.1
SUSE Linux Enterprise High Performance Computing 12 SP5 (src): open-vm-tools-12.3.0-4.59.1
SUSE Linux Enterprise Server 12 SP5 (src): open-vm-tools-12.3.0-4.59.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 3 Maintenance Automation 2023-09-27 20:30:39 UTC

SUSE-SU-2023:3835-1: An update that solves one vulnerability, contains one feature and has one security fix can now be installed.

Category: security (important)
Bug References: 1205927, 1214850
CVE References: CVE-2023-20900
Jira References: PED-1344
Sources used:
openSUSE Leap 15.4 (src): open-vm-tools-12.3.0-150300.37.1
openSUSE Leap 15.5 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro for Rancher 5.3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro 5.3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro 5.4 (src): open-vm-tools-12.3.0-150300.37.1
Basesystem Module 15-SP4 (src): open-vm-tools-12.3.0-150300.37.1
Basesystem Module 15-SP5 (src): open-vm-tools-12.3.0-150300.37.1
Desktop Applications Module 15-SP4 (src): open-vm-tools-12.3.0-150300.37.1
Desktop Applications Module 15-SP5 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Manager Proxy 4.2 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Manager Retail Branch Server 4.2 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Manager Server 4.2 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Enterprise Storage 7.1 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro 5.1 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro 5.2 (src): open-vm-tools-12.3.0-150300.37.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): open-vm-tools-12.3.0-150300.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 7 Kirk Allan 2024-03-25 15:27:28 UTC

Submissions have been made.  Marking as fixed.