From 422b6650517104a295cbcc0d04f7195e9a9e1068 Mon Sep 17 00:00:00 2001 From: Pavel Vondruska <dexter.cz@gmail.com> Date: Thu, 25 Aug 2022 10:23:01 +0200 Subject: [PATCH] right patch and change changelog --- ...ck-authorization-on-incoming-guestOps-re.patch | 15 +++++++++++++++ make.sh | 14 +++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 1125-Properly-check-authorization-on-incoming-guestOps-re.patch diff --git a/1125-Properly-check-authorization-on-incoming-guestOps-re.patch b/1125-Properly-check-authorization-on-incoming-guestOps-re.patch new file mode 100644 index 0000000..52a2a5b --- /dev/null +++ b/1125-Properly-check-authorization-on-incoming-guestOps-re.patch @@ -0,0 +1,15 @@ +Index: pkg-open-vm-tools/open-vm-tools/vgauth/serviceImpl/proto.c +=================================================================== +--- pkg-open-vm-tools.orig/open-vm-tools/vgauth/serviceImpl/proto.c ++++ pkg-open-vm-tools/open-vm-tools/vgauth/serviceImpl/proto.c +@@ -1201,6 +1201,10 @@ Proto_SecurityCheckRequest(ServiceConnec + VGAuthError err; + gboolean isSecure = ServiceNetworkIsConnectionPrivateSuperUser(conn); + ++ if (conn->isPublic && req->reqType != PROTO_REQUEST_SESSION_REQ) { ++ return VGAUTH_E_PERMISSION_DENIED; ++ } ++ + switch (req->reqType) { + /* + * This comes over the public connection; alwsys let it through. diff --git a/make.sh b/make.sh index b562e22..d900c49 100755 --- a/make.sh +++ b/make.sh @@ -33,9 +33,21 @@ dget https://deb.debian.org/debian/pool/main/o/open-vm-tools/open-vm-tools_10.3. cd open-vm-tools-10.3.10 mk-build-deps --install --tool='apt-get -o Debug::pkgProblemResolver=yes --yes' debian/control -wget https://salsa.debian.org/vmware-packaging-team/pkg-open-vm-tools/-/raw/67b16ff62228304dfe96d33a0ba663c2e8d3167d/debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch -O debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch +#wget https://salsa.debian.org/vmware-packaging-team/pkg-open-vm-tools/-/raw/67b16ff62228304dfe96d33a0ba663c2e8d3167d/debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch -O debian/patches/1125-Properly-check-authorization-on-incoming-guestOps-re.patch +cp -v 1125-Properly-check-authorization-on-incoming-guestOps-re.patch debian/patches echo '1125-Properly-check-authorization-on-incoming-guestOps-re.patch' >> debian/patches/series +cat << EOCHL > debian/changelog +open-vm-tools (2:10.3.10-1+deb10u2+dex1) buster; urgency=medium + + * [67b16ff] Properly check authorization on incoming guestOps requests. + (Closes: #1018012 CVE-2022-31676) + + -- Bernd Zeimetz <bzed@debian.org> Wed, 24 Aug 2022 10:28:40 +0200 + +$(cat debian/changelog) +EOCHL + dpkg-buildpackage -uc -us -b cd .. -- GitLab