$ git clone -n https://src.fedoraproject.org/rpms/open-vm-tools.git /var/lib/mock/f39-build-1601189-38557/root/chroot_tmpdir/scmroot/open-vm-tools
Cloning into '/var/lib/mock/f39-build-1601189-38557/root/chroot_tmpdir/scmroot/open-vm-tools'...
$ git fetch origin 03ca09da8cc7230607db0ec489173e80bd9c3884:KOJI_FETCH_HEAD
From https://src.fedoraproject.org/rpms/open-vm-tools
 * [new ref]         03ca09da8cc7230607db0ec489173e80bd9c3884 -> KOJI_FETCH_HEAD
$ git reset --hard KOJI_FETCH_HEAD
HEAD is now at 03ca09d Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass.