2023-08-31 20:37:02 |
John Wolfe |
bug |
|
|
added bug |
2023-09-01 15:59:12 |
Lena Voytek |
bug |
|
|
added subscriber Ubuntu Server |
2023-09-01 16:30:29 |
Mitchell Dzurick |
tags |
|
server-todo |
|
2023-09-06 01:45:04 |
Bryce Harrington |
open-vm-tools (Ubuntu): assignee |
|
Bryce Harrington (bryce) |
|
2023-09-06 01:45:08 |
Bryce Harrington |
open-vm-tools (Ubuntu): status |
New |
Triaged |
|
2023-09-06 01:45:11 |
Bryce Harrington |
open-vm-tools (Ubuntu): importance |
Undecided |
High |
|
2023-09-06 15:25:55 |
Mitchell Dzurick |
open-vm-tools (Ubuntu): assignee |
Bryce Harrington (bryce) |
Mitchell Dzurick (mitchdz) |
|
2023-09-10 21:42:38 |
Mitchell Dzurick |
description |
There are no new features in the open-vm-tools 12.3.0 release. This is primarily a maintenance release that addresses a few critical problems, including:
This release resolves CVE-2023-20900. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0019.html.
A tools.conf configuration setting is available to temporaily direct Linux quiesced snaphots to restore pre open-vm-tools 12.2.0 behavior of ignoring file systems already frozen.
Building of the VMware Guest Authentication Service (VGAuth) using "xml-security-c" and "xerces-c" is being deprecated.
A number of Coverity reported issues have been addressed.
A number of GitHub issues and pull requests have been handled. Please see the Resolves Issues section of the Release Notes.
For issues resolved in this release, see the Resolved Issues section of the Release Notes.
For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.0
Release Notes are available at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/ReleaseNotes.md
The granular changes that have gone into the 12.3.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.3.0/open-vm-tools/ChangeLog
Please rebase open-vm-tools to release 12.3.0 on supported Ubuntu releases as appropriate.
Note: 12.3.0 includes changes to better detect and configure the usage of OSS packages needed to build the containerInfo plugin. VMware has successfully built 12.3.0 on Ubuntu 23.04 without the use of the "grpc_1.51" patch in your open-vm-tools-package. |
[FFE]
12.2.5 -> 12.3.0
Ultimately this change seems relatively innocent. There were a ton of changes
to common files that don’t relate to open-vm-tools that I excluded in this review.
This change should be a sync, and I am comfortable with going through with the sync.
The notable changes are:
- A CVE fix is included
- New feature to allow pre-frozen image
- New feature to allow guest to support host verification with SAML tokens
- Removes the use of gdk-pixbuf-xlib
- Not very familiar with this utility, git commit says required by Unity so
maybe an issue for our derivative distributions that use Unity?
- New guest capability to support host verification of SAML tokenchangelog
- Exclude antrea/calico NIC pattern
Full list of Changes
I created a list of functional changes below by going through and removing
anything that was along the lines of “Change to common {source||header}*”,
“Inclusive Terminology”, “copyright update”, there were a lot of these types of
changes littered throughout the changelog.
Functional/bugfix ChangeLog:
- Allow only X509 certs to verify the SAML token signature.
- Addresses CVE-2023-20900
- Allow pre-Windows 2000 style user logon for Linux Guests.
- Fix build problems with grpc
- Enable hostVerfied SAML token feature in Tools.
- Fix VThreadBase_ForgetSelf using wrong format specifier for VThread_CurID.
- svtminion scripts v1.6 fixes for salt-minion release 3006.0
- Provide alternate method to allow (expected) pre-frozen filesystems when
taking a quiesced snapshot.
- New feature to allow pre-fozen filesystems
- Need to edit tools.conf to enable this feature, set to false by default
- Not worried since new feature is disabled by default, but it would be
nice to atleast test this feature
- Removing appUtil library from open-vm-tools.
- Removes use of gdk-pixbuf-xlib
- gdk-pixbuf-xlib is current present in Jammy/Lunar/Mantic
- Remove some dead code.
- Removes VixToolsCheckIfAuthenticationTypeEnabled
- Deprecated in
https://github.com/vmware/open-vm-tools/commit/ebed1074323950b03d25b31c54741eaa128c3e0c
- svtminion scripts update for salt 3006 release
- Introduce the new CAP_HOST_VERIFIED_SAML_TOKEN capability.
- Adds the guest capability to support host verification of SAML token
- Improve POSIX guest identification
- Just checks if /usr/bin/lsb_release is accessible using `access()`
before trying to use it, not worried about this change
- Record the usage of VMware Tools version 12.2.5 in vm_tools_version.h
- Record the GA release of VMware Tools 12.2.0.
- Add UNMANAGED InstallStatus value for components
- lib/file: Fix timetools breakage to use memset
- Add antrea and calico interface pattern to GUESTINFO_DEFAULT_IFACE_EXCLUDES.
- Excludes antrea/calico IP patterns to not clobber k8s IPs.
- lib/file: Improve File_SetTimes
- Remove SSL_NewContext() declaration from sslDirect.h
- Bump the VMware Tools version to 12.3.0 in the "devel" branch. |
|
2023-09-10 21:44:21 |
Mitchell Dzurick |
bug |
|
|
added subscriber Ubuntu Release Team |
2023-09-12 12:59:14 |
Mitchell Dzurick |
summary |
open-vm-tools 12.3.0 has been released |
[FFE] open-vm-tools 12.3.0 for Mantic |
|
2023-09-13 18:29:26 |
Mitchell Dzurick |
open-vm-tools (Ubuntu): status |
Triaged |
New |
|
2023-09-15 12:16:23 |
Łukasz Zemczak |
open-vm-tools (Ubuntu): status |
New |
Incomplete |
|
2023-09-18 12:28:28 |
Mitchell Dzurick |
open-vm-tools (Ubuntu): status |
Incomplete |
New |
|
2023-09-22 12:54:10 |
Paride Legovini |
open-vm-tools (Ubuntu): status |
New |
Triaged |
|
2023-09-22 16:20:08 |
Bryce Harrington |
open-vm-tools (Ubuntu): status |
Triaged |
Fix Released |
|
2023-09-22 16:20:10 |
Bryce Harrington |
cve linked |
|
2023-20900 |
|