severity 484491 normal
thanks

Steffen Joeris wrote:
> Package: vmware-package
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> Hi
> 
> The following CVE[0] has been issued against vmware products.

hi,

vmware-package is a script which builds .debs from vmware tarballs; even
if vmware-package is updated in the debian archive, it is incumbent upon
individual sysadmins to download new tarballs from vmware.com and update
their installations, since the vmware-package package does not do any
automatic downloading/installation (indeed, one can install the
generated debs on systems which don't even have vmware-package
installed).

I will upload a vmware-package with updated hashes for these new point
releases shortly; in the mean time, the '-s' option to make-vmpkg will
(probably, I haven't tested; but all vmware point releases so far have
not introduced changes requiring more advanced updates than updating the
hashes at the beginning of the make-vmpkg script) build .debs from the
new vmware tarballs.

-- 
Robert Edmonds
[EMAIL PROTECTED]

Attachment: signature.asc
Description: Digital signature

Reply via email to