1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEV

  • Accepted open-vm-tools 2:12.5.0-2 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Mon May 12 16:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Mon, 12 May 2025 15:17:50 +0200
    Source: open-vm-tools
    Architecture: source
    Version: 2:12.5.0-2
    Distribution: unstable
    Urgency: high
    Maintainer: Bernd Zeimetz <bzed@debian.org>
    Changed-By: Bernd Zeimetz <bzed@debian.org>
    Closes: 1105159
    Changes:
    open-vm-tools (2:12.5.0-2) unstable; urgency=high
    .
    * [910f279] Fixing an insecure file handling vulnerability.
    It allowed a malicious actor with non-administrative privileges
    on a guest VM to tamper the local files to trigger insecure file
    operations within that VM.
    VMSA-2025-0007
    CVE-2025-22247 (Closes: #1105159)
    Checksums-Sha1:
    855595ac50b926d0002ccadc1b23a7b27342319b 2963 open-vm-tools_12.5.0-2.dsc
    28dff27f0242b32c5a9e89584696e55aec01abc5 38112 open-vm-tools_12.5.0-2.debian.tar.xz
    ca99004e5c8cf37f4bf12c224e3b549decfeff94 6912 open-vm-tools_12.5.0-2_source.buildinfo
    Checksums-Sha256:
    995eddf9419dafb5d64867ddb0541d3f908af5516811f4919394ce29c5cc0639 2963 open-vm-tools_12.5.0-2.dsc
    4f7f3fd058b66dadc3ecb8f6eb8223e0f13ed7da95eb61741f501b0888fcc2a4 38112 open-vm-tools_12.5.0-2.debian.tar.xz
    ec604cb2a0340643f10cc6792390ce092f87f446e0a66052f259313ea9c25206 6912 open-vm-tools_12.5.0-2_source.buildinfo
    Files:
    9e1f27e56f6f9e60e56991aa568a28ba 2963 admin optional open-vm-tools_12.5.0-2.dsc
    1e5c66081a6813dd2d9125ce94ef820f 38112 admin optional open-vm-tools_12.5.0-2.debian.tar.xz
    c1a5c451a27074d8efb55da79a902e6f 6912 admin optional open-vm-tools_12.5.0-2_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEE7KHj8o4RJDLUhd2V6zYXGm/5Q18FAmgh+x0ACgkQ6zYXGm/5 Q1+74w//cdhmMmyNbnguMjtjiXJjfkkAMurFdHjuXmsbIlMJf5R38tYV7gX6kTcW MWV5oCwJaprx1MsoSxGHODHx6Gqkzm+Q8azXjm/e1R8sjXV11JdHaxYttrzPvWmj cwFjWkGAiC/DeZNcxF1oAMyCNkjj17fUpKEDGsmUqOk90KAWuuik7KNA6EizqaCy mYa4kekuvzuVItq+9t2omn2pIM/vSFczQMzx5gtPGlZznpPN6XIB9WMv9tPZTh7V yjluMvnCDHzSaBpL2Ui6dxa699MAzDRLCvYFo1ULFCp6YtsMsLnnBhKtIyfreGSD i3KpkdXctYxqnXVy6VokOjW61tnY3D3TH8aUyCx93YOXYsGDrsPF4b5uTuZqFqG7 3/1G54AjFIkNRta+QegepfRQW4H1XhbA5Dre9h1IT9no1/teegN0HtuTgJOlwqHS Sgna5NTY7NzMCLAI9nDPSuarYjTWX2C6RBNYKKnz1du6FjD5tlEQBIQRxAB+6Pkt pHb104fY7iYvyihYYH+kSDhZZD6mdEnkYLx2EprKq1PjoXD0vwjOm+8jzRrsg7C6 iorAS3pvFrifBnjEqa6ssbd62bFTfPkonNJtY6sygxflQlHiviIfoOCH3fpFFLIp NN66H3WvLnmqRnZrUxdfS4M8l4OBn1pDaEsP7CcfPugMscPtoz8=
    =wOld
    -----END PGP SIGNATURE-----


    --==============`50486901660823469=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCaCIHIQAKCRCb9qggYcy5 IfqZAQDdtdkBTyb6O/458Dw+w4y2R6NxI99D3vdm5vrLyRP5mQEA4I/Ztdk5YXBt XR6usWu48bT/LL8D4jDRZc+EQqYwQQU=w7QR
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)