ELSA-2023-5217

ELSA-2023-5217 - open-vm-tools security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-09-19

Description

[11.0.5-3.0.1]
- fix spaces in vmware udev rule for scsi devices
[Orabug: 24461968]
- Fix vmware udev rule in 99-vmware-scsi-timeout.rules file.
[Orabug: 22815019]
- Increase timeout for scsi devices on VMWare guests by adding a udev rule.
- Created a new file 99-vmware-scsi-timeout.rules
- Modified spec file to install this new file.
[Orabug: 21819156]

[11.0.5-3.el7_9.7]
- ovt-VGAuth-Allow-only-X509-certs-to-verify-the-SAML-toke.patch [RHEL-2413]
- Resolves: RHEL-2413
(CVE-2023-20900 open-vm-tools: SAML token signature bypass [rhel-7.9.z])

Related CVEs

CVE-2023-20900

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label
Oracle Linux 7 (x86_64)	open-vm-tools-11.0.5-3.0.1.el7_9.7.src.rpm	ee5bd598ee1b2294357c98ceaa5a0728	-	ol7_x86_64_latest
	open-vm-tools-11.0.5-3.0.1.el7_9.7.src.rpm	ee5bd598ee1b2294357c98ceaa5a0728	-	ol7_x86_64_optional_latest
	open-vm-tools-11.0.5-3.0.1.el7_9.7.src.rpm	ee5bd598ee1b2294357c98ceaa5a0728	-	ol7_x86_64_u9_patch
	open-vm-tools-11.0.5-3.0.1.el7_9.7.x86_64.rpm	d410cebe7c47880f40d561712405f87a	-	ol7_x86_64_latest
	open-vm-tools-11.0.5-3.0.1.el7_9.7.x86_64.rpm	d410cebe7c47880f40d561712405f87a	-	ol7_x86_64_u9_patch
	open-vm-tools-desktop-11.0.5-3.0.1.el7_9.7.x86_64.rpm	8d965918ed0b8bf4ea0fb377d6a0389c	-	ol7_x86_64_latest
	open-vm-tools-desktop-11.0.5-3.0.1.el7_9.7.x86_64.rpm	8d965918ed0b8bf4ea0fb377d6a0389c	-	ol7_x86_64_u9_patch
	open-vm-tools-devel-11.0.5-3.0.1.el7_9.7.x86_64.rpm	a8b67fa90cae0fa6f11abc38016d9678	-	ol7_x86_64_optional_latest
	open-vm-tools-test-11.0.5-3.0.1.el7_9.7.x86_64.rpm	11b9eba97184573033de60ca8df51c1c	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team