Bug 612804 (CVE-2017-4901, VMSA-2017-0005) - app-emulation/vmware-workstation: out-of-bounds memory access (VMSA-2017-0005)
Summary: app-emulation/vmware-workstation: out-of-bounds memory access (VMSA-2017-0005)
Status: RESOLVED OBSOLETE
Alias: CVE-2017-4901, VMSA-2017-0005
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal trivial
Assignee: Gentoo Security
URL: https://www.vmware.com/security/advis...
Whiteboard: ~2 [ebuild/cve]
Keywords: InOverlay, PATCH, PMASKED
Depends on:
Blocks:
 
Reported: 2017-03-16 11:23 UTC by Manfred Knick
Modified: 2017-11-25 15:30 UTC

See Also:
Package list:
Runtime testing required: ---


Attachments
308-4.09-00-user-pages.patch.out (308-4.09-00-user-pages.patch.out,6.99 KB, text/plain)
2017-03-16 11:27 UTC, Manfred Knick
308-4.09-00-user-pages.patch (308-4.09-00-user-pages.patch,1.51 KB, text/plain)
2017-03-16 15:17 UTC, Manfred Knick
308-4.09-00-user-pages.patch__OBSOLETE (308-4.09-00-user-pages.patch__OBSOLETE,1.13 KB, text/plain)
2017-03-16 15:19 UTC, Manfred Knick

Description Manfred Knick 2017-03-16 11:23:57 UTC
Assignee: 	@   Gentoo VMWare Bug Squashers

https://www.vmware.com/security/advisories/VMSA-2017-0005.html

https://my.vmware.com/web/vmware/details?downloadGroup=WKST-1254-LX&productId=524&rPId=15268

<cite>

This bundle includes the full product and VMware Tools for Linux 64-bit operating systems.
File size: 455.23 MB
File type: bundle

Name: VMware-Workstation-Full-12.5.4-5192485.x86_64.bundle
Release Date: 2017-03-14
Build Number: 5192485 

MD5SUM: 04c6341f5c0e59e66191fea7a9885876
SHA1SUM: 41423d7d350ae205f57a898c533d4853e1c1d705
SHA256SUM: a9e959cb8e17c9a862b8d10a36a572f3871438f8c59e9aeed8fc501cb79fa94d

</cite>

Please note Bug 596280 "app-emulation/vmware-workstation-12.5.2 version bump" as predecessor.


Thus, we are going to need
.../app-emulation/vmware-workstation/vmware-workstation-12.5.4.5192485.ebuild
and
.../app-emulation/vmware-workstation/vmware-modules-308.5.4.ebuild

Copy-Renaming as described in 
. . . https://bugs.gentoo.org/show_bug.cgi?id=596280#c1 :

A) Emerging vmware-workstation-12.5.4.5192485.ebuild succeeds.

B) Emerging vmware-modules-308.5.4 leads to

 * ERROR: app-emulation/vmware-modules-308.5.4:: ...
 *   Failed Patch: 308-4.09-00-user-pages.patch!
Comment 1 Manfred Knick 2017-03-16 11:27:45 UTC
Created attachment 467200
308-4.09-00-user-pages.patch.out

 * Applying 308-4.09-00-user-pages.patch ...

 * Failed Patch: 308-4.09-00-user-pages.patch !
 *  ( /usr/local/portage/local-overlay/app-emulation/vmware-modules/files/308-4.09-00-user-pages.patch )
Comment 2 Manfred Knick 2017-03-16 11:36:30 UTC
NOTABENE:

Bug 510156
app-emulation/vmware-workstation-11 
"/etc/init.d/vmware stop" fails if vsock module is built into kernel

still applies:

# /etc/init.d/vmware stop

 * Stopping VMware USB Arbitrator ...
/opt/vmware/bin/vmware-usbarbitrator: Kein Prozess gefunden          [ !! ]
Stopped all configured services on all networks                      [ ok ]

 * Stopping VMware services ...
modprobe: FATAL: Module vmw_vsock_vmci_transport is builtin.         [ !! ]
modprobe: FATAL: Module vmw_vmci is builtin.                         [ !! ]

 * ERROR: vmware failed to stop


Workaround also still applies:

# /etc/init.d/vmware zap

 * Manually resetting vmware to stopped state
Comment 3 Manfred Knick 2017-03-16 12:37:52 UTC
Disabling patches

. . . 308-4.09-00-user-pages.patch          and
. . . 308-4.10-00-generic_readlink.patch    ,

vmware-modules-308.5.4 at least builds fine without any error (t.b.c.)
Comment 4 Manfred Knick 2017-03-16 15:15:19 UTC
AFAICS, the last two patches in 308-4.09-00-user-pages.patch seem obsolete:
Comment 5 Manfred Knick 2017-03-16 15:17:43 UTC
Created attachment 467206
308-4.09-00-user-pages.patch

Deleted the last two patches.
Comment 6 Manfred Knick 2017-03-16 15:19:14 UTC
Created attachment 467208
308-4.09-00-user-pages.patch__OBSOLETE

The (deleted) last two patches, extracted into a separate backup file.
Comment 7 Manfred Knick 2017-03-16 16:18:46 UTC
AFTERWARDS:

All three packages compile / build / install successfully.

Unfortunately, again, the bridged networks don't work any more.

WORKAROUND:
. . . https://bugs.gentoo.org/show_bug.cgi?id=596280#c5, _Hint 2_
does the trick again.

Afterwards: 

. . . WORKSFORME

TEST
  with 3 VMs:
- Windows 7
- Windows 8.1
- Windows 10

o) start up && check networks    (ok)
o) update virus definitions      (ok)
o) check system                  (ok)
Comment 8 Manfred Knick 2017-03-16 16:29:34 UTC
TODO:

VMware Tools are shouting for _update_ .

Although having enabled the "vmware-tools" USE flag:

# emerge -pv vmware-workstation

[ebuild   R   ~] app-emulation/vmware-workstation-12.5.4.5192485
                 ::mkn_local_overlay  
                 USE="bundled-libs cups doc ovftool server vix vmware-tools"

and

# equery list -p -o vmware-tools
...
[--O] [  ] app-emulation/vmware-tools-10.0.6.3595377:0
[I-O] [  ] app-emulation/vmware-tools-10.0.10.4301679:0

inside the VMs, the installed tools identify themselves as

. . . Version 10.0.6m build 3595377

corresponding to app-emulation/vmware-tools-10.0.6.3595377:0
Comment 9 Manfred Knick 2017-03-16 20:04:12 UTC
(In reply to Manfred Knick from comment #8)

CONFIRMATION:

"ReInstall VMware Tools" from the "Alt"-Menu of respective VM's TAB
worked successfully
in all three cases.
Comment 10 Manfred Knick 2017-03-18 08:00:09 UTC
Just to SUMMARIZE:

The ebuilds in use are

# equery list app-emulation/vmware*

[I-O] [  ] app-emulation/vmware-modules-308.5.4:0                 <-- new
[I-O] [  ] app-emulation/vmware-tools-10.0.10.4301679:0
[I-O] [  ] app-emulation/vmware-workstation-12.5.4.5192485:0      <-- new


The only change needed is in

. . . /app-emulation/vmware-modules/files/308-4.09-00-user-pages.patch

as described in comment 4 f.
Comment 11 Manfred Knick 2017-03-20 22:30:15 UTC
Having app-emulation/vmware-workstation-12.5.4-5192485 installed,
after upgrading dev-cpp/gtkmm-2.24.5:2.4
  to  (slotted) dev-cpp/gtkmm-3.20.1:3.0,
"emerge -a --depclean" un-merged :2.4,
leading to a circle in 'emerge ... @preserved-rebuild'.

Enforcing "emerge ... dev-cpp/gtkmm:2.4" 
leading to a slotted dual install of :2.4 and :3.0
solved this problem.

In [overlay] vmware-workstation-12.5.4.5192485.ebuild, it is 
BUNDLED_LIB_DEPENDS which contains "dev-cpp/gtkmm:2.4";
thus it is only pulled in the case of "!bundled-libs".

Seems this entry has to move.
Comment 12 Manfred Knick 2017-03-23 18:39:20 UTC
The version numbers affected
should be kept visible in the title of the bug, please.

existing [OVERLAY] app-emulation/vmware-workstation-12.5.4.5192485:0
is _not_ prone to this security risk any more.
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2017-03-23 20:14:01 UTC
(In reply to Manfred Knick from comment #12)
> The version numbers affected
> should be kept visible in the title of the bug, please.
> 
> existing [OVERLAY] app-emulation/vmware-workstation-12.5.4.5192485:0
> is _not_ prone to this security risk any more.

I am sorry, this isn't possible. We are only tracking the official Gentoo repository. Because we don't have a fixed version in the repository, we can't set a version in the title yet.
Comment 14 Manfred Knick 2017-05-22 18:28:22 UTC
(In reply to Manfred Knick from comment #11)

> Enforcing "emerge ... dev-cpp/gtkmm:2.4" 
> leading to a slotted dual install of :2.4 and :3.0

WORKAROUND:

# emerge -aC  vmware-workstation vmware-modules vmware-tools

# emerge -a --depclean

# emerge -a   vmware-workstation

should let you exit the loop ...
Comment 15 Manfred Knick 2017-05-22 18:32:03 UTC
REFERENCE:

Please note:

Bug 616958 - app-emulation/vmware-workstation-12.5.6 version bump
Comment 16 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-17 10:01:54 UTC
To address bug 621910 we had to PMASK currently unmaintained VMware packages within the Gentoo repository.
Comment 17 Thomas Deutschmann (RETIRED) gentoo-dev 2017-11-25 15:30:36 UTC
VMware was removed from the Gentoo repository [1]. Closing as obsolete (package was never stable, i.e. no removal GLSA required).



[1] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a2d54401ad16fe676b80bb5618a569ebe02636d5