-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 12 May 2025 15:22:02 +0200
Source: open-vm-tools
Architecture: source
Version: 2:12.2.0-1+deb12u3
Distribution: bookworm-security
Urgency: medium
Maintainer: Bernd Zeimetz <bzed@debian.org>
Changed-By: Bernd Zeimetz <bzed@debian.org>
Closes: 1105159
Changes:
 open-vm-tools (2:12.2.0-1+deb12u3) bookworm-security; urgency=medium
 .
   * [df2a118] Fixing an insecure file handling vulnerability.
     It allowed a malicious actor with non-administrative privileges
     on a guest VM to tamper the local files to trigger insecure file
     operations within that VM.
     VMSA-2025-0007
     CVE-2025-22247 (Closes: #1105159)
Checksums-Sha1:
 b0342251cd174db37c7a102b641048b901b9f2a6 2944 open-vm-tools_12.2.0-1+deb12u3.dsc
 71dea0e43a6cf83b641e1b4dcbfc0f6ee0643810 43032 open-vm-tools_12.2.0-1+deb12u3.debian.tar.xz
 0add3968637fd19e5061779e7180469785cca178 6944 open-vm-tools_12.2.0-1+deb12u3_source.buildinfo
Checksums-Sha256:
 75efef2fdc85daa518a30ce3e360dd60b2acea1274436553d950ec2cb28803b4 2944 open-vm-tools_12.2.0-1+deb12u3.dsc
 735fa1e82427e782eb13600a2ea556a5fb314d15744bf309bd8c941890b3f603 43032 open-vm-tools_12.2.0-1+deb12u3.debian.tar.xz
 fd10546b5ea80d87aa1779fc4a17d1b43acbf1bc15baba689b759f179ed69634 6944 open-vm-tools_12.2.0-1+deb12u3_source.buildinfo
Files:
 da3e257120c4616cd239ff4548103441 2944 admin optional open-vm-tools_12.2.0-1+deb12u3.dsc
 bbf3880198351e14e36f75ee33329a92 43032 admin optional open-vm-tools_12.2.0-1+deb12u3.debian.tar.xz
 d85db2ba42cf1d79e3f8f451c035af49 6944 admin optional open-vm-tools_12.2.0-1+deb12u3_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7KHj8o4RJDLUhd2V6zYXGm/5Q18FAmgieCQACgkQ6zYXGm/5
Q1+OWg//SKvEmSHGCBKp2lroZ7KcRUgVSq5jnwZ24TGFvYHZ92J2iQd3RhFr+0GB
LBzfKc10WnE/FQUKqrWFORlJL9dE6t/Liqmtun20/CVTMxVetz11d53FHkDnyJ6V
uSE/9XjAP4UO/wR+zLVXvDW/0zvueqV1lYIyusBgyzhE5Z74sPaayAidaLGtvFwv
ZIfCtl2gA82TDWo9JZi4ygcuXqugK7enSX/3C1q42LufrMw0n1ftwhcAXdR06Tqd
bVFarZqUEy5LE1pUlOcBpk4zins22nCWnQ7926rz6XOjJ+eFf7D6FcBYtdP7uxe+
KasH4eIGf+db/xomh4/UGmVn6mD6S1dE0A8g50lOpZUGReGP27LOcU1P/KSkHvfe
ednt8zUpAVAs13FIm1Y93sUxhpEFEN0kj6lTsaoERB7O271ZEghi8211ATkY46iV
t2jTahmYXePGWrvnDl6Ihe3Q7U6NVFhwywkv1S8RIZMNnMQfgeqi8ww+6uZNEAWg
4ckAyWuNDKgy7l1tSl/Cjup7tICR3TqMvBnWmtXgYET1h2cfpb4sF/QJW+63b8AJ
0JZcHTGfE7pkN9iwdvsFgfl0QXxHEYDlFmaIFtzj5XnHp7SqbucmdnSxd5bWP+L2
oe7ZMqUm2cT6WXdVKeBpfAxCyYMdfUDuhtR8PEqAYMkpm6jLBOI=
=I6D+
-----END PGP SIGNATURE-----