SUSE-SU-2017:0705-1: moderate: Security update for open-vm-tools
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Mar 15 14:13:01 MDT 2017
SUSE Security Update: Security update for open-vm-tools
______________________________________________________________________________
Announcement ID: SUSE-SU-2017:0705-1
Rating: moderate
References: #1006796 #1007600 #1011057 #1013496 #1024202
#913727 #938593 #941384 #944615 #952645 #971031
#978424 #985110 #994598
Cross-References: CVE-2015-5191
Affected Products:
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves one vulnerability and has 13 fixes is
now available.
Description:
This update for open-vm-tools to 10.1.0 stable brings features, fixes bugs
and security issues:
- New vmware-namespace-cmd command line utility
- GTK3 support
- Common Agent Framework (CAF)
- Guest authentication with xmlsec1
- Sub-command to push updated network information to the host on demand
- Fix for quiesced snapshot failure leaving guest file system quiesced
(bsc#1006796)
- Fix for CVE-2015-5191 (bsc#1007600)
- Report SLES for SAP 12 guest OS as SLES 12 (bsc#1013496)
- Add udev rule to increase VMware virtual disk timeout values (bsc#994598)
- Fix vmtoolsd init script to run vmtoolsd in background (bsc#971031)
- Fix copy-n-paste and drag-n-drop regressions (bsc#978424)
- Add new vmblock-fuse.service
- Fix a suspend with systemd issue (bsc#913727)
- ESXi Serviceability
- GuestInfo Enhancements
- Compatibility with all supported versions of VMware vSphere, VMware
Workstation 12.0 and VMware Fusion 8.0.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-open-vm-tools-13024=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-open-vm-tools-13024=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
libvmtools0-10.1.0-7.1
open-vm-tools-10.1.0-7.1
open-vm-tools-desktop-10.1.0-7.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
open-vm-tools-debuginfo-10.1.0-7.1
open-vm-tools-debugsource-10.1.0-7.1
References:
https://www.suse.com/security/cve/CVE-2015-5191.html
https://bugzilla.suse.com/1006796
https://bugzilla.suse.com/1007600
https://bugzilla.suse.com/1011057
https://bugzilla.suse.com/1013496
https://bugzilla.suse.com/1024202
https://bugzilla.suse.com/913727
https://bugzilla.suse.com/938593
https://bugzilla.suse.com/941384
https://bugzilla.suse.com/944615
https://bugzilla.suse.com/952645
https://bugzilla.suse.com/971031
https://bugzilla.suse.com/978424
https://bugzilla.suse.com/985110
https://bugzilla.suse.com/994598
More information about the sle-security-updates
mailing list