CVE-2009-0909 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0909): Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CVE-435. CVE-2009-0910 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0910): Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CVE-436. Affected are : Resolved in Workstation 6.5.x: 6.5.2 build 156735 or later Player 2.5.x: 2.5.X build 156735 or later
Ok, the necessary ebuilds are now in the tree (vmware-server is only up to 1.0.8 in the tree. 2.0.0 existed in the vmware overlay, but has been updated to 2.0.1 there). Over to you guys...
(In reply to comment #1) > Over to you guys... *passes the ball again* Arches, please test and mark stable: =app-emulation/vmware-workstation-6.5.2.156735 =app-emulation/vmware-player-2.5.2.156735 Target keywords : "amd64 x86"
CVE-2009-1244 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1244): Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
Mike, the in-tree vmware-server is vulnerable to that third new issue. Please bump to "1.0.9 build 156507 or later". Reference: http://www.vmware.com/security/advisories/VMSA-2009-0006.html
Yep, I spotted it, and I've got versions ready to get tested in the overlay, but I need to sort out the modules first (since the ones we're using don't compile under the latest kernel and hopefully the ones that come with 1.0.9 will). I estimate I should have something workable in the overlay if not the tree by the weekend. I'll keep you updated, but please don't let it hold back the workstation bits and pieces...
(In reply to comment #2) > =app-emulation/vmware-workstation-6.5.2.156735 I cannot download that version from the VMWare pages...the only version available for me is 2.5.1. For the player I need a KVM-disabled kernel. After the next reboot...
Do you mean 2.5.2 rather than 2.5.1?
(In reply to comment #7) > Do you mean 2.5.2 rather than 2.5.1? Sorry I meant: Version 6.5.1 | 126130
Try http://www.vmware.com/download/download.do?downloadGroup=WKST-652-LX, which should be the top link from http://www.vmware.com/download/ws/...
-workstation and -player stable on x86
*** Bug 269163 has been marked as a duplicate of this bug. ***
Ok, Gengor very kindly tested out vmware-server-1.0.9 for me, and says it works with the existing modules, so I've committed it (and vmware-server-console-1.0.9) to the tree. I moved vmware-server-2 in at the same time, since it's been sitting around for too long. Please only bother stabilizing 1.0.9, 2.0.1 needs much more time to work out the kinks...
*Ping to arches*
x86 stable
amd64 stable, all arches done.
GLSA together with all the other bugs...
amd64 ping, you missed vmware-server-1.0.9-156507.
Thanks everyone, this will be added to an already pending glsa.
There is no <app-emulation/vmware-workstation-5.5.9.126128 nor <app-emulation/vmware-server-1.0.9.156507 in portage any more. I'm not sure about vmware-player.
This issue was resolved and addressed in GLSA 201209-25 at http://security.gentoo.org/glsa/glsa-201209-25.xml by GLSA coordinator Sean Amoss (ackle).
