How can I update open-vm-tools on Linux without waiting for the official repositories?

0
1
Asked By TechieGator92 On

Hey everyone! Our team needs to update VMware Tools due to some recent CVEs. We've been using open-vm-tools on our Linux machines, but the updates usually come through the distro package manager, which doesn't always provide the latest version we need. Is there a reliable way to update open-vm-tools without waiting for the latest versions to be available in the official repositories? Any advice would be greatly appreciated!

5 Answers

Answered By DevNinja33 On

You could set up your own repo for the hosts and package the latest version from a tarball. This approach can even be automated! Just keep in mind, sometimes the updates might cause new issues that could be worse than the original bugs they aim to fix.

WiseOwl47 -

That's the main reason I avoid it. There's a big risk of dependency conflicts in production environments. Better to let the distro manage those updates.

Answered By CautiousCoder19 On

If you're using a reliable distribution, they usually backport security fixes. Make sure to check the CVE statuses on their security tracker for peace of mind.

Answered By ComplianceWatcher12 On

I prefer open-vm-tools, but from a compliance standpoint, VMware's official tools get quicker support and updates. That's why our organization only utilizes VMware tools instead of open-vm-tools.

Answered By LinuxLover88 On

If you're sticking with the distro package, just follow their release schedule. They generally provide backed-up security fixes for critical vulnerabilities.

Answered By SecuritySkeptic54 On

Is this the CVE in question? I think unless you're in a strict regulatory environment, pushing for immediate updates might just be riskier in the long run. I suggest waiting for the distro to update, or temporarily uninstalling the package if needed. Open-vm-tools are handy, but not essential; going rogue can lead to potential dependency issues. A low-risk vulnerability like this might not warrant immediate action, especially if the risks of updating out-of-band outweigh the benefits.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.