Open-vm-tools 12.1.0 has been released

Bug #1987609 reported by John Wolfe
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
open-vm-tools (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

open-vm-tools 12.1.0 was released on Aug. 23, 2022.

This release contains several fixes including:
  - fix for CVE-2022-31676 - a local privilege escalation vulnerability.
  - a number of Coverity reported issues have been addressed.
  - https://github.com/vmware/open-vm-tools/pull/588
  - https://github.com/vmware/open-vm-tools/pull/387

For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-12.1.0

Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-12.1.0/ReleaseNotes.md

The granular changes that have gone into the 12.1.0 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-12.1.0/open-vm-tools/ChangeLog

Please rebase open-vm-tools to release 12.1.0 on supported Ubuntu releases as appropriate

Revision history for this message
Lena Voytek (lvoytek) wrote :

Hello,
Thank you for the report. As of August 24th all supported distributions of Ubuntu have either the new version or the security fixes in place for 12.1.0.
22.10 was synced with Debian: https://launchpad.net/ubuntu/+source/open-vm-tools/2:12.1.0-1

22.04, 20.04, and 18.04 were all updated by the security team:
https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.3.5-1ubuntu4.1
https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.3.0-2ubuntu0~ubuntu20.04.3
https://launchpad.net/ubuntu/+source/open-vm-tools/2:11.0.5-4ubuntu0.18.04.2

Marking this as fix released

Changed in open-vm-tools (Ubuntu):
status: New → Fix Released
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Thank Lena for the initial triage!
The 12.1 is indeed available in Kinetic already (this bug state is correct).

The backports are done by us working with the security Team in most cases.
They are already tracked though and I think we expect Bryce to look at them in the next weeks.
=> bug 1975767

I think I'll mark this as a dup to lead everyone the right way.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.