app-emulation/open-vm-tools: add 13.0.5, fix CVE-2025-41244

The affected code isn't compiled in Gentoo, because it's disabled by default. It requires adding `--enable-servicediscovery` to `configure` in order to activate it, and there's currently no USE flag to control it. Bug: https://bugs.gentoo.org/963579 Signed-off-by: Cristian Othón Martínez Vera <cfuga@cfuga.mx> Part-of: https://github.com/gentoo/gentoo/pull/43158 Closes: https://github.com/gentoo/gentoo/pull/43158 Signed-off-by: Sam James <sam@gentoo.org>
2025-12-21 21:17:37 -08:00 · 2025-07-25 12:57:55 -06:00 · 2025-07-25 12:57:55 -06:00 · 52fa121f60
commit 52fa121f60
parent 789ff3784a
2 changed files with 155 additions and 0 deletions
--- a/app-emulation/open-vm-tools/Manifest
+++ b/app-emulation/open-vm-tools/Manifest
@ -1,2 +1,3 @@
 DIST open-vm-tools-12.4.5-23787635.tar.gz 4356612 BLAKE2B 59fab76bc740d6c8e8b76f8c2379f751a62a4d4c01add9520acafbd5601d9490c7fb7d5a3631d1198c811be33b1bd7c7b381de2f9a8f703ceec21aab6331797a SHA512 dd90622a0f1c773ed217040788a1bdbfba1e60256d4e5159a2557155f6ac642ab71488044860e417cdd853aad77a6495b98e8fd02f9755be90cc1dc71c840a3c
 DIST open-vm-tools-12.5.0-24276846.tar.gz 4361651 BLAKE2B 2f0bc58e51afbb438efd83b048a81d8f0dc23d50268f3b031789a61e57c45e4502dff81e7b339733e3c34eb9f3c46b4483d92cdc9956906933735b1b51128acf SHA512 068f84192b7056144257a8180884a077fe03e34c441f4eb7729112d3dbd75f70e019d3cdbfe7c25243154d7597f152272efde9417d873a585ec1bfc68f34e234
 DIST open-vm-tools-13.0.5-24915695.tar.gz 4342572 BLAKE2B bd612d2ec36a275b04ef7e73a9c2444f97672fad7e655f9866f4231377f2bb45e7bd6a1278290c9ea17e8cdab4b47f0cb2517b7b11f2b6fe06d802610a281dff SHA512 e8a0c823e8430e3df0873f8031704536e73bec21d4cd37c37a37053fe2a5116ae1d2fdfa05eae95910c22238c967acc96f6603e1dd8289f2ca926507040c757a
--- a/app-emulation/open-vm-tools/open-vm-tools-13.0.5.ebuild
+++ b/app-emulation/open-vm-tools/open-vm-tools-13.0.5.ebuild
@ -0,0 +1,154 @@
 # Copyright 2007-2025 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 EAPI=8
 inherit autotools linux-info pam systemd udev
 MY_P="${P}-24915695"
 DESCRIPTION="Tools for VMware guests"
 HOMEPAGE="https://github.com/vmware/open-vm-tools"
 SRC_URI="https://github.com/vmware/open-vm-tools/releases/download/stable-${PV}/${MY_P}.tar.gz"
 S="${WORKDIR}/${MY_P}"
 LICENSE="LGPL-2.1"
 SLOT="0"
 KEYWORDS="~amd64 ~arm64 ~x86"
 IUSE="X +deploypkg +dnet doc +fuse gtkmm +icu multimon pam +resolutionkms +ssl +vgauth"
 REQUIRED_USE="
 	multimon? ( X )
 	vgauth? ( ssl )"
 RDEPEND="
 	dev-libs/glib
 	net-libs/libtirpc
 	deploypkg? ( dev-libs/libmspack )
 	fuse? ( sys-fs/fuse:3= )
 	pam? ( sys-libs/pam )
 	!pam? ( virtual/libcrypt:= )
 	ssl? ( dev-libs/openssl:= )
 	vgauth? (
 		dev-libs/libxml2:=
 		dev-libs/xmlsec:=
 	)
 	X? (
 		x11-libs/gtk+:3[X]
 		x11-libs/libSM
 		x11-libs/libXcomposite
 		x11-libs/libXext
 		x11-libs/libXi
 		x11-libs/libXrandr
 		x11-libs/libXrender
 		x11-libs/libXtst
 		gtkmm? (
 			dev-cpp/gtkmm:3.0
 			dev-libs/libsigc++:2
 		)
 		multimon? ( x11-libs/libXinerama )
 	)
 	dnet? ( dev-libs/libdnet )
 	icu? ( dev-libs/icu:= )
 	resolutionkms? (
 		x11-libs/libdrm[video_cards_vmware]
 		virtual/libudev
 	)"
 DEPEND="${RDEPEND}
 	net-libs/rpcsvc-proto"
 BDEPEND="
 	dev-util/glib-utils
 	virtual/pkgconfig
 	doc? ( app-text/doxygen )"
 PATCHES=(
 	"${FILESDIR}"/${PN}-12.4.5-Werror.patch
 	"${FILESDIR}"/${PN}-12.4.5-icu.patch
 )
 pkg_setup() {
 	local CONFIG_CHECK="~VMWARE_BALLOON ~VMWARE_PVSCSI ~VMXNET3 ~VMWARE_VMCI ~VMWARE_VMCI_VSOCKETS ~FUSE_FS"
 	use X && CONFIG_CHECK+=" ~DRM_VMWGFX"
 	kernel_is -lt 5 5 || CONFIG_CHECK+=" ~X86_IOPL_IOPERM"
 	linux-info_pkg_setup
 }
 src_prepare() {
 	default
 	eautoreconf
 }
 src_configure() {
 	local myeconfargs=(
 		--disable-glibc-check
 		--disable-tests
 		--without-root-privileges
 		$(use_enable multimon)
 		$(use_with X x)
 		$(use_with X gtk3)
 		$(use_with gtkmm gtkmm3)
 		$(use_enable doc docs)
 		$(use_enable resolutionkms)
 		$(use_enable deploypkg)
 		$(use_with pam)
 		$(use_enable vgauth)
 		$(use_with dnet)
 		$(use_with icu)
 		--with-udev-rules-dir="$(get_udevdir)"/rules.d
 		$(use_with fuse fuse 3)
 		# Disable it explicitly, we do not yet list the
 		# containerinfo dependencies in the ebuild
 		--disable-containerinfo
 		# Disable it explicitly, gtk2 is obsolete
 		--without-gtk2
 		# Possibly add a separate USE flag for the utility, or
 		# merge it into resolutionkms
 		--disable-vmwgfxctrl
 	)
 	# Avoid a bug in configure.ac
 	use ssl || myeconfargs+=( --without-ssl )
 	# Avoid relying on dnet-config script, which breaks cross-compiling. This
 	# library has no pkg-config file.
 	export CUSTOM_DNET_LIBS="-ldnet"
 	econf "${myeconfargs[@]}"
 }
 src_install() {
 	default
 	find "${ED}" -name '*.la' -delete || die
 	if use pam; then
 		rm "${ED}"/etc/pam.d/vmtoolsd || die
 		pamd_mimic_system vmtoolsd auth account
 	fi
 	newinitd "${FILESDIR}/open-vm-tools.initd" vmware-tools
 	newconfd "${FILESDIR}/open-vm-tools.confd" vmware-tools
 	if use vgauth; then
 		systemd_newunit "${FILESDIR}"/vmtoolsd.vgauth.service vmtoolsd.service
 		systemd_dounit "${FILESDIR}"/vgauthd.service
 	else
 		systemd_dounit "${FILESDIR}"/vmtoolsd.service
 	fi
 	# vmhgfs-fuse is built only when fuse is enabled
 	if use fuse; then
 		# Make fstype = vmhgfs-fuse work in fstab
 		dosym vmhgfs-fuse /usr/bin/mount.vmhgfs-fuse
 	fi
 	if use X; then
 		fperms 4711 /usr/bin/vmware-user-suid-wrapper
 		dobin scripts/common/vmware-xdg-detect-de
 	fi
 }
 pkg_postinst() {
 	udev_reload
 }
 pkg_postrm() {
 	udev_reload
 }