Processed: Re: Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-08-23 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + pending
Bug #869661 [release.debian.org] stretch-pu: package 
open-vm-tools/2:10.1.5-5055683-4+deb9u1
Added tag(s) pending.

-- 
869661: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869661
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-08-23 Thread Adam D. Barratt 
Control: tags -1 + pending

On Sat, 2017-08-12 at 21:49 +0200, Bernd Zeimetz wrote:
> Hi,
> 
> On 08/08/2017 05:49 PM, Adam D. Barratt wrote:
> > +open-vm-tools (2:10.1.5-5055683-4+deb9u1) stable; urgency=medium
> > 
> > We generally prefer the changelog distribution to be "stretch".
> 
> changed...
> 
> > Please go ahead.
> 
> 
> .. and uploaded.

Thanks; flagged for acceptance.

Regards,

Adam

Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-08-12 Thread Bernd Zeimetz 
Hi,

On 08/08/2017 05:49 PM, Adam D. Barratt wrote:
> +open-vm-tools (2:10.1.5-5055683-4+deb9u1) stable; urgency=medium
> 
> We generally prefer the changelog distribution to be "stretch".

changed...

> Please go ahead.


.. and uploaded.


Thanks,

Bernd


-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F

Processed: Re: Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-08-08 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #869661 [release.debian.org] stretch-pu: package 
open-vm-tools/2:10.1.5-5055683-4+deb9u1
Added tag(s) confirmed.

-- 
869661: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869661
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-08-08 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Tue, 2017-07-25 at 14:23 +0200, Bernd Zeimetz wrote:
> as discussed in #869633 I'd like to fix CVE-2015-5191 in
> open-vm-tools with the next stretch pointrelease.
> 
> A debdiff is attached, I'll upload it to stable(-pu) as
> soon as I have an ack from you.

+open-vm-tools (2:10.1.5-5055683-4+deb9u1) stable; urgency=medium

We generally prefer the changelog distribution to be "stretch".

Please go ahead.

Regards,

Adam

Bug#869661: stretch-pu: package open-vm-tools/2:10.1.5-5055683-4+deb9u1

2017-07-25 Thread Bernd Zeimetz 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi release team,

as discussed in #869633 I'd like to fix CVE-2015-5191 in
open-vm-tools with the next stretch pointrelease.

A debdiff is attached, I'll upload it to stable(-pu) as
soon as I have an ack from you.

Thanks,

Bernd

-- 
 Bernd ZeimetzDebian GNU/Linux Developer
 http://bzed.dehttp://www.debian.org
 GPG Fingerprint: ECA1 E3F2 8E11 2432 D485  DD95 EB36 171A 6FF9 435F
diff --git a/debian/changelog b/debian/changelog
index 97fd671f..4bac2108 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+open-vm-tools (2:10.1.5-5055683-4+deb9u1) stable; urgency=medium
+
+  * [dec8df6] Upstream fix for CVE-2015-5191 (Closes: #869633)
+  * [ff10dcb] Update gbp.conf for stretch.
+
+ -- Bernd Zeimetz   Tue, 25 Jul 2017 11:40:02 +0200
+
 open-vm-tools (2:10.1.5-5055683-4) unstable; urgency=medium
 
   * [27689b3] Load the fuse module before mounting /run/vmblock-fuse.
diff --git a/debian/gbp.conf b/debian/gbp.conf
index bf4163e8..64996533 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,3 +1,5 @@
+[DEFAULT]
+debian-branch = stretch
 [buildpackage]
 sign-tags = True
 posttag = git push && git push --tags
diff --git a/debian/patches/debian/cve-2015-5191.patch 
b/debian/patches/debian/cve-2015-5191.patch
new file mode 100644
index ..3312be08
--- /dev/null
+++ b/debian/patches/debian/cve-2015-5191.patch
@@ -0,0 +1,413 @@
+commit 22e58289f71232310d30cf162b83b5151a937bac
+Author: Oliver Kurth 
+Date:   Thu Jul 6 17:00:55 2017 -0700
+
+randomly generate tmp directory name
+
+diff --git a/open-vm-tools/libDeployPkg/linuxDeployment.c 
b/open-vm-tools/libDeployPkg/linuxDeployment.c
+index 1c8f7855..8e536a97 100644
+--- a/open-vm-tools/libDeployPkg/linuxDeployment.c
 b/open-vm-tools/libDeployPkg/linuxDeployment.c
+@@ -43,6 +43,8 @@
+ #include "mspackWrapper.h"
+ #include "rpcout.h"
+ #include "toolsDeployPkg.h"
++#include 
++#include 
+ 
+ /*
+  * These are covered by #ifndef to give the ability to change these
+@@ -52,12 +54,17 @@
+ 
+ #define CLEANUPCMD  "/bin/rm -r -f "
+ 
+-#ifndef EXTRACTPATH
+-#define EXTRACTPATH "/tmp/.vmware/linux/deploy"
++#ifndef TMP_PATH_VAR
++#define TMP_PATH_VAR "/tmp/.vmware/linux/deploy"
+ #endif
+ 
+-#ifndef CLEANUPPATH
+-#define CLEANUPPATH "/tmp/.vmware"
++#ifndef IMC_TMP_PATH_VAR
++#define IMC_TMP_PATH_VAR "@@IMC_TMP_PATH_VAR@@"
++#endif
++
++// '/tmp' below will be addressed by PR 1601405.
++#ifndef TMP_DIR_PATH_PATTERN
++#define TMP_DIR_PATH_PATTERN "/tmp/.vmware-imgcust-dXX"
+ #endif
+ 
+ #ifndef BASEFILENAME
+@@ -115,13 +122,14 @@ struct List {
+ // Private functions
+ static Bool GetPackageInfo(const char* pkgName, char** cmd, uint8* type, 
uint8* flags);
+ static Bool ExtractZipPackage(const char* pkg, const char* dest);
+-static Bool CreateDir(const char *path);
+ static void Init(void);
+ static struct List* AddToList(struct List* head, const char* token);
+ static int ListSize(struct List* head);
+ static int Touch(const char*  state);
+ static int UnTouch(const char* state);
+ static int TransitionState(const char* stateFrom, const char* stateTo);
++static bool CopyFileToDirectory(const char* srcPath, const char* destPath,
++const char* fileName);
+ static int Deploy(const char* pkgName);
+ static char** GetFormattedCommandLine(const char* command);
+ static int ForkExecAndWaitCommand(const char* command);
+@@ -151,8 +159,17 @@ static LogFunction sLog = NoLogging;
+ NORETURN void
+ Panic(const char *fmtstr, ...)
+ {
+-   /* Ignored */
+-   sLog(log_warning, "Panic callback invoked. \n");
++   va_list args;
++
++   char *tmp = Util_SafeMalloc(MAXSTRING);
++
++   va_start(args, fmtstr);
++   vsprintf(tmp, fmtstr, args);
++
++   sLog(log_error, "Panic callback invoked: %s\n", tmp);
++
++   free(tmp);
++
+exit(1);
+ }
+ 
+@@ -169,12 +186,19 @@ Panic(const char *fmtstr, ...)
+  *
+  **/
+ void
+-Debug(const char *fmtstr,
+-  va_list args)
++Debug(const char *fmtstr, ...)
+ {
+-   /* Ignored */
+ #ifdef VMX86_DEBUG
+-   sLog(log_warning, "Debug callback invoked. \n");
++   va_list args;
++
++   char *tmp = Util_SafeMalloc(MAXSTRING);
++
++   va_start(args, fmtstr);
++   vsprintf(tmp, fmtstr, args);
++
++   sLog(log_debug, "Debug callback invoked: %s\n", tmp);
++
++   free(tmp);
+ #endif
+ }
+ 
+@@ -874,11 +898,13 @@ static int
+ CloudInitSetup(const char *tmpDirPath)
+ {
+int deployStatus = DEPLOY_ERROR;
+-   const char *cloudInitTmpDirPath = "/var/run/vmware-imc";
++   static const char *cloudInitTmpDirPath = "/var/run/vmware-imc";
+int forkExecResult;
+char command[1024];
+Bool cloudInitTmpDirCreated = FALSE;
+ 
++   sLog(log_info, "Creating temp directory %s to copy customization files",
++cloudInitTmpDirPath);
+snprintf(command, sizeof(command),
+