ELSA-2023-7277

ELSA-2023-7277 - open-vm-tools security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-11-16

Description

[12.2.5-3.0.1.2]
- Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass.
- Address CVE-2023-34059 - BZ 2246962 - vmware-user-suid-wrapper

Related CVEs

CVE-2023-34058

CVE-2023-34059

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 9 (aarch64)	open-vm-tools-12.2.5-3.0.1.el9_3.2.src.rpm	6424a04504a08cc07c0aab333a59b658285df5bb8fec935d22f5d10888593c22	-	ol9_aarch64_appstream
	open-vm-tools-12.2.5-3.0.1.el9_3.2.aarch64.rpm	4989ae45ff32769782150bad2070f1569ac1b4596227459e3c135286bdb2adb9	-	ol9_aarch64_appstream
	open-vm-tools-desktop-12.2.5-3.0.1.el9_3.2.aarch64.rpm	257d09b129e67a68d1902b488ce9ee2ac093400d2e32bae0b871f396c7be75ed	-	ol9_aarch64_appstream
	open-vm-tools-test-12.2.5-3.0.1.el9_3.2.aarch64.rpm	8154eba5e6d2d82d37a2e1480fa67043d4c62268a8b32ca63881623e25faec0d	-	ol9_aarch64_appstream
Oracle Linux 9 (x86_64)	open-vm-tools-12.2.5-3.0.1.el9_3.2.src.rpm	6424a04504a08cc07c0aab333a59b658285df5bb8fec935d22f5d10888593c22	-	ol9_x86_64_appstream
	open-vm-tools-12.2.5-3.0.1.el9_3.2.x86_64.rpm	c899f0458b701e9351f4fcb6cae962af6f469c960dd562c44b9432987313fe45	-	ol9_x86_64_appstream
	open-vm-tools-desktop-12.2.5-3.0.1.el9_3.2.x86_64.rpm	b2d57fb7d83b2d428678a3c95b01bbd4e47d81e92eb9af590edd812a3dcfd7ed	-	ol9_x86_64_appstream
	open-vm-tools-salt-minion-12.2.5-3.0.1.el9_3.2.x86_64.rpm	6687c2cc5935a8da005b4c1e243e9cb14025c0d2f1bb209b69dbfa8d351d77cd	-	ol9_x86_64_appstream
	open-vm-tools-sdmp-12.2.5-3.0.1.el9_3.2.x86_64.rpm	2558cda4950b24f0efe7f8eaed3cdb8704cba2e90da3fb3434747b9f12449b84	-	ol9_x86_64_appstream
	open-vm-tools-test-12.2.5-3.0.1.el9_3.2.x86_64.rpm	8a9f3d4e4c7d98799d016142c87869e88fda5d39ae4553e4ed171f310136eaf6	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team