Bug 32458

Summary: open-vm-tools security issues - CVE-2023-34058, CVE-2023-34059
Product: Mageia Reporter: Stig-Ørjan Smelror <smelror>
Component: SecurityAssignee: David Walser <luigiwalser>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9TOO, MGA8TOO
Source RPM: CVE: CVE-2023-34058, CVE-2023-34059
Status comment: Fixed in version 12.3.5

Description Stig-Ørjan Smelror 2023-10-27 19:39:09 CEST 
Upstream have release a new version that fixes two CVEs.

https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5


- This release resolves CVE-2023-34058. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html.

- This release resolves CVE-2023-34059 which only affects open-vm-tools. For more information on this vulnerability, please see the Resolved Issues section of the Release Notes.
Stig-Ørjan Smelror 2023-10-27 19:41:42 CEST

Whiteboard: (none) => MGA9TOO, MGA8TOO

Stig-Ørjan Smelror 2023-10-27 19:42:03 CEST

QA Contact: (none) => security
Component: RPM Packages => Security

Stig-Ørjan Smelror 2023-10-27 19:43:03 CEST

CVE: (none) => CVE-2023-34058, CVE-2023-34059
Status comment: (none) => Fixed in version 12.3.5

Comment 1 David Walser 2023-10-27 19:46:30 CEST 
dup

*** This bug has been marked as a duplicate of bug 32454 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE