32458 – open-vm-tools security issues - CVE-2023-34058, CVE-2023-34059

Bug 32458 - open-vm-tools security issues - CVE-2023-34058, CVE-2023-34059

Summary: open-vm-tools security issues - CVE-2023-34058, CVE-2023-34059

Status:	RESOLVED DUPLICATE of bug 32454

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	David Walser
QA Contact:	Sec team

URL:
Whiteboard:	MGA9TOO, MGA8TOO
Keywords:

Depends on:
Blocks:

Reported:	2023-10-27 19:39 CEST by Stig-Ørjan Smelror
Modified:	2023-10-27 19:46 CEST (History)
CC List:	0 users

See Also:
Source RPM:
CVE:	CVE-2023-34058, CVE-2023-34059
Status comment:	Fixed in version 12.3.5

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Stig-Ørjan Smelror 2023-10-27 19:39:09 CEST

Upstream have release a new version that fixes two CVEs.

https://github.com/vmware/open-vm-tools/releases/tag/stable-12.3.5


- This release resolves CVE-2023-34058. For more information on this vulnerability and its impact on VMware products, see https://www.vmware.com/security/advisories/VMSA-2023-0024.html.

- This release resolves CVE-2023-34059 which only affects open-vm-tools. For more information on this vulnerability, please see the Resolved Issues section of the Release Notes.

Stig-Ørjan Smelror 2023-10-27 19:41:42 CEST

Whiteboard: (none) => MGA9TOO, MGA8TOO

Stig-Ørjan Smelror 2023-10-27 19:42:03 CEST

QA Contact: (none) => security
Component: RPM Packages => Security

Stig-Ørjan Smelror 2023-10-27 19:43:03 CEST

CVE: (none) => CVE-2023-34058, CVE-2023-34059
Status comment: (none) => Fixed in version 12.3.5

Comment 1 David Walser 2023-10-27 19:46:30 CEST

dup

*** This bug has been marked as a duplicate of bug 32454 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE

Note You need to log in before you can comment on or make changes to this bug.