Oracle Linux 7 ELSA-2023-5218: Addressing Open-Vm-Tools Auth Vulnerability
oracle
September 20, 2023
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
Summary
[11.0.5-3.0.1] - fix spaces in vmware udev rule for scsi devices [Orabug: 24461968] - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019] - Increase timeout for scsi devices on VMWare guests by adding a udev rule. - Created a new file 99-vmware-scsi-timeout.rules - Modified spec file to install this new file. [Orabug: 21819156] [11.0.5-3.el7_9.7] - ovt-VGAuth-Allow-only-X509-certs-to-verify-the-SAML-toke.patch [RHEL-2413] - Resolves: RHEL-2413 (CVE-2023-20900 open-vm-tools: SAML token signature bypass [rhel-7.9.z])
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates//open-vm-tools-11.0.5-3.0.1.el7_9.7.src.rpm
x86_64
open-vm-tools-11.0.5-3.0.1.el7_9.7.x86_64.rpm open-vm-tools-desktop-11.0.5-3.0.1.el7_9.7.x86_64.rpm open-vm-tools-devel-11.0.5-3.0.1.el7_9.7.x86_64.rpm open-vm-tools-test-11.0.5-3.0.1.el7_9.7.x86_64.rpm
aarch64
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2023-20900
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!