Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5b859360 by Moritz Muehlenhoff at 2022-08-24T08:44:18+02:00
new open-vm-tools issue
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -18361,6 +18361,9 @@ CVE-2022-31677
RESERVED
CVE-2022-31676
RESERVED
+ - open-vm-tools <unfixed>
+ NOTE:
https://github.com/vmware/open-vm-tools/blob/CVE-2022-31676.patch/1205-Properly-check-authorization-on-incoming-guestOps-re.patch
+ NOTE: https://www.vmware.com/security/advisories/VMSA-2022-0024.html
CVE-2022-31675 (VMware vRealize Operations contains an authentication bypass
vulnerabi ...)
NOT-FOR-US: VMware
CVE-2022-31674 (VMware vRealize Operations contains an information disclosure
vulnerab ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -35,6 +35,8 @@ netatalk
--
nodejs
--
+open-vm-tools
+--
php-horde-mime-viewer
--
php-horde-turba
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b8593603a7f6e97acbe60a3e9d3f54277358a7e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b8593603a7f6e97acbe60a3e9d3f54277358a7e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
