Bug 1212334

Summary: open-vm-tools version 12.2.5 has been released - please rebase
Product: [openSUSE] openSUSE Tumbleweed Reporter: John Wolfe <jwolfe>
Component: Virtualization:ToolsAssignee: Kirk Allan <kallan>
Status: RESOLVED WONTFIX QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: jsavanyo, jwolfe, kallan, mcowley, vmware-gos-qa
Version: Current   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description John Wolfe 2023-06-13 23:03:10 UTC 
open-vm-tools 12.2.5 was released on June 13, 2023.

There are no new features in the open-vm-tools 12.2.5 release. This is primarily a maintenance release that addresses a single critical problem:

  *  Address CVE-2023-20867 announced in https://www.vmware.com/security/advisories/VMSA-2023-0013.html

For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.2.5

Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.2.5/ReleaseNotes.md

The granular changes that have gone into the 12.2.5 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-12.2.5/open-vm-tools/ChangeLog

Patches applicable to previous open-vm-tools releases are available at https://github.com/vmware/open-vm-tools/tree/CVE-2023-20867.patch

Please rebase open-vm-tools version 12.2.5 in supported releases of SLE 12 and 15 for x86_64/amd64 and aarch64/ARM64 architectures as appropriate.
Comment 1 Kirk Allan 2023-07-10 15:54:29 UTC 
The CVE patch for CVE-2023-20867 was applied to open-vm-tools 12.2.0 and is now available in the update channels.  See bug 1212143.

As such we will skip this version as its only update is the CVE patch.

Marking as won't fix.