Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted open-vm-tools 2:11.2.5-2+deb11u4 (source) into oldstable-security
Date: Wed, 14 May 2025 14:10:23 +0000
Signed by: Jochen Sprickerhof <jspricke@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 12 May 2025 15:49:02 +0200
Source: open-vm-tools
Architecture: source
Version: 2:11.2.5-2+deb11u4
Distribution: bullseye-security
Urgency: medium
Maintainer: Bernd Zeimetz <bzed@debian.org>
Changed-By: Bernd Zeimetz <bzed@debian.org>
Closes: 1105159
Changes:
 open-vm-tools (2:11.2.5-2+deb11u4) bullseye-security; urgency=medium
 .
   * [1f39bba] Fixing an insecure file handling vulnerability.
     It allowed a malicious actor with non-administrative privileges
     on a guest VM to tamper the local files to trigger insecure file
     operations within that VM.
     VMSA-2025-0007
     CVE-2025-22247 (Closes: #1105159)
Checksums-Sha1:
 ece2815504bf15d7bd45b270f630dfbbfd8f55cc 2496 open-vm-tools_11.2.5-2+deb11u4.dsc
 a0710a008762a9746dcd6ab1a14c35ad2fe2def9 40624 open-vm-tools_11.2.5-2+deb11u4.debian.tar.xz
 8bbc6fac5ca2b73bd00eb2e610c1636c48c056cd 5976 open-vm-tools_11.2.5-2+deb11u4_source.buildinfo
Checksums-Sha256:
 da43d56fe52e62ac139102e2f9e82d73c4e3b67caa00850bf4230f7e2a57140b 2496 open-vm-tools_11.2.5-2+deb11u4.dsc
 46d16c2f5db31deb98db3d289e542252e9788535212e2a13c098671754c5e095 40624 open-vm-tools_11.2.5-2+deb11u4.debian.tar.xz
 bfa1e3f9c9c0eee8230903eb4fe81eaddd112ee1622f8fb6c28ac91686b88212 5976 open-vm-tools_11.2.5-2+deb11u4_source.buildinfo
Files:
 d3232061524e47d38c33804218a3855f 2496 admin optional open-vm-tools_11.2.5-2+deb11u4.dsc
 24398f44c6f4dbdf530c1bf80bfe535c 40624 admin optional open-vm-tools_11.2.5-2+deb11u4.debian.tar.xz
 3ace6b57d78e545a1beb12ce14cc965c 5976 admin optional open-vm-tools_11.2.5-2+deb11u4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc7KZy9TurdzAF+h6W//cwljmlDMFAmgkoA8ACgkQW//cwljm
lDPjyg//YVBVymiJ3eyJiDEtLHZ3+Fj/8GVMDO0+LL6DLdOuivSSk3pdhDVE2ZeQ
BEV9kawvPI9SB9kK7t/OZ2MamvK9FfMm8nwCgNtWByz4zOlqNVKBIIOb9iobP5ib
K9Z95tYFY5uHbWxNLUx4+ZbwjDZpETMcPfgwPmaNOQEjJoDsgbr5Ko6+JWQjVCFh
HbPUiyFwntl1F6kFSSA2KkW388lryngqOsXvSN0IicnRtsreGatb86xe4GmlaG3V
GrMHgx6Hws/6vXDh0yc9+d2MSu7fli3f9Qs3AaIpuPffeIMXfIs7ycDhavACzZjW
TNqXG5NKLfCi1DMRJiGmQzFvjTN3UQZECdDL0HMWMaYeZekiJWdPJJWBWj01zjtH
U6I9TRy10dx+gzrUgSI/pUEzpp7Ep8d9dA/LiSIUQ3fkAWnIA+2cwgDGLYUB0jSk
55fRIh1n7SDyUro4eBxiLzSETF9Hj/tC+Ismjj/6kisUKGluA45g/hThD6iggrRZ
4sr4vLzthUlgLm2h0BD9++eYt1jVm+ZIqbkE1HWDvXvYPZ+uCx2Lhz5kjHTMyE7r
VYMNLfjXw/enTqja6NP672S4r2PlIczpDK1bAA9W7/BGGLdIK1INGksBKlJFYu+K
nnzpMGFIKFRQyTOt4lYzJEqyT5SDF95KpnMqEKhPcs0Od1oy5+A=
=pN8n
-----END PGP SIGNATURE-----

News for package open-vm-tools