group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #29500
[Bug 1822204] Re: open-vm-tools 10.3.10 released
Reviewing the changelog after talking to Bernd (thanks) I realized that
there are security critical issues in there.
There is a security fix in it "Among others Fix possible security issue with the permissions of the intermediate staging directory and path"
[1]
But there are some further really bad things fixed like:
5f3f6ccd Fix NULL pointer dereference and remove three lines of dead code.
Since we are in Freeze but for critical cases can still reconsider it I'd want to do the following:
1. subscribe the release team and ping them if this could be synced into Disco still
Actually i'll trigger the sync right away so it shows up as -unapproved as well.
2. subscribe -security to evaluate the severity of the issue to decide if we can wait for
older releases for the next regular backport (planned towards the end of 19.10) or if we
need/want to immediately work on those
- subscribe security team
[1]: https://github.com/vmware/open-vm-
tools/commit/e88f91b00a715b79255de6576506d80ecfdb064c
** Also affects: open-vm-tools (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: open-vm-tools (Ubuntu Cosmic)
Importance: Undecided
Status: New
** Also affects: open-vm-tools (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: open-vm-tools (Ubuntu Xenial)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
** Changed in: open-vm-tools (Ubuntu Bionic)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
** Changed in: open-vm-tools (Ubuntu Cosmic)
Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security)
** Changed in: open-vm-tools (Ubuntu)
Importance: Undecided => Critical
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1822204
Title:
open-vm-tools 10.3.10 released
Status in open-vm-tools package in Ubuntu:
Triaged
Status in open-vm-tools source package in Xenial:
New
Status in open-vm-tools source package in Bionic:
New
Status in open-vm-tools source package in Cosmic:
New
Status in open-vm-tools package in Debian:
Unknown
Bug description:
We have released open-vm-tools 10.3.10.
open-vm-tools 10.3.10 is available for download from GitHub:
https://github.com/vmware/open-vm-tools/tree/stable-10.3.10
For more details and changes, please refer to the release notes at
https://github.com/vmware/open-vm-
tools/blob/stable-10.3.10/ReleaseNotes.md
or the ChangeLog at:
https://github.com/vmware/open-vm-tools/blob/stable-10.3.10/open-vm-
tools/ChangeLog
Also filed at Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925940
Oliver
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/open-vm-tools/+bug/1822204/+subscriptions