| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| use-debian-pam | =================================================================== | no | ||||
| debian/scsi-udev-rule | =================================================================== | no | ||||
| 1125-Properly-check-authorization-on-incoming-guestOps-re.patch | [PATCH] Properly check authorization on incoming guestOps requests Fix public pipe request checks. Only a SessionRequest type should be accepted on the public pipe. |
John Wolfe <jwolfe@vmware.com> | no | 2022-08-10 | ||
| 2023-20867-Remove-some-dead-code-1110-1125.patch | [PATCH] Remove some dead code. Address CVE-2023-20867. Remove some authentication types which were deprecated long ago and are no longer in use. These are dead code. |
John Wolfe <jwolfe@vmware.com> | no | 2023-05-08 | ||
| CVE-2023-20900.patch | [PATCH] Address CVE-2023-20900 | John Wolfe <jwolfe@vmware.com> | no | 2023-08-18 | ||
| CVE-2023-34059.patch | [PATCH] Address CVE-2023-34059 Fix file descriptor vulnerability in the open-vm-tools vmware-user-suid-wrapper on Linux. - Moving the privilege drop logic (dropping privilege to the real uid and gid of the process for the vmusr service) from suidWrapper to vmtoolsd code. |
John Wolfe <jwolfe@vmware.com> | no | 2023-10-18 | ||
| CVE-2023-34058.patch | [PATCH] Address CVE-2023-34058 | John Wolfe <jwolfe@vmware.com> | no | 2023-10-18 |