Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

ESX Server 3.0.2, Patch ESX-1005114: VCB Fails Due to Disk Lease Timeout; Enabling Root Password Expiry; VirtualCenter 2.5 Displays an Error When a Virtual Machine is Powered on; Third Party Library libpng Updated to 1.2.29 (1005114)

Details

Release Date: 08/28/08
Document Last Updated: 08/28/08
 
3b6d33b334f0020131580fdd8f9b5365
Product Versions
ESX Server 3.0.2
Patch Classification
Security
Supersedes
Virtual Machine Migration or Reboot Required
No
ESX Server Host Reboot Required
No
PRs Fixed
222153, 295985, 237629, 281597
Affected Hardware
N/A
Affected Software
VMware Consolidated Backup, VirtualCenter 2.5, libpng
RPMs Included
VMware-esx-hostd
Related CVE numbers
CVE-2007-5269

Summary

This patch fixes the following issues
  • During snapshot or backup procedures, VMware Consolidated Backup periodically requests ESX Server host of disk lease extension, which might be delayed due to network conditions and the increased load on VMware VirtualCenter. This fix increases the disk lease timeout on ESX Server host and VirtualCenter.
  • Previously, the root password expiry information was not preserved across hostd restarts. A new tag called rootPasswdExpiration is added to the /etc/vmware/hostd/config.xml file. If this rootPasswdExpiration tag is set to true , then the number of days to expiry will be preserved across hostd restarts. 
        After setting the rootPasswdExpiration tag in the /etc/vmware/hostd/config.xml file as True , run the following command:     
     chage –M <X> root 
      Here, X is the number of days till expiration. 
 
          Example: chage -M <60> root indicates the root password will expire after 60 days
          Note: As the default value of rootPasswdExpiration tag is set as False , this fix will not impact customers who do not want the root password to expire.
  • VirtualCenter 2.5 displays an error message when a virtual machine is powered on with a passthrough attached SCSI Tape device.
  • Several flaws were discovered in the way third party library libpng handled various PNG image chunks. An attacker could create a carefully crafted PNG image file in such a way that it causes an application linked with libpng to crash when the file is manipulated.  T he Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5269 to the security issue fixed in this update. To complete the fix, install ESX-1005114ESX-1005113, and ESX-1005109.

Solution

Symptoms

The following symptoms might occur without this patch:
  • VCB backup fails with an error message:
    [2007-09-16 02:40:05.003 'App' 7856 verbose] ============BEGIN FAILED METHOD CALL DUMP============[2007-09-16 02:40:05.206 'App' 7856 verbose] Invoking [release] on [vim.host.DiskManager.Lease:session[2A289BC0-8BB6-4044-81E3-EDF646675445]EA4E00F9-0EC2-4511-889F-76BD450915CE] [2007-09-16 02:40:05.206 'App' 7856 verbose] Fault Msg: "The request refers to an object that no longer exists or has never existed." [2007-09-16 02:40:05.206 'App' 7856 verbose] =============END FAILED METHOD CALL DUMP=============[2007-09-16 02:40:05.253 'BlockList' 7856 error] The managed object of type "vim.host.DiskManager.Lease" identified by the MoRef "session[2A289BC0-8BB6-4044-81E3-EDF646675445]EA4E00F9-0EC2-4511-889F-76BD450915CE" could not be found.
  • VirtualCenter 2.5 displays a Device 'SCSI Device 1' has a backing type that is not supported. This is a general limitation of the host error message when a virtual machine is powered on with a passthrough attached SCSI Tape device.

Deployment Considerations

To address the libpng issue, you must install ESX-1005114 ESX-1005113, and ESX-1005109  to complete the fix.

Download Instructions

Download and verify the patch bundle as follows:

  1. Download patch ESX-1005114 from http://www.vmware.com/download/vi/vi3_patches.html.

  2. Log in to the ESX Server service console as root.

  3. Create a local depot directory.

    # mkdir -p /var/updates

    Note: VMware recommends that you use the updates directory.

  4. Change your working directory to /var/updates.

    # cd /var/updates
  5. Download the tar file into the /var/updates directory.

  6. Verify the integrity of the downloaded tar file:

    # md5sum ESX-1005114.tgz

    The md5 checksum output should match the following:

    3b6d33b334f0020131580fdd8f9b5365 ESX-1005114.tgz
  7. Extract the compressed tar archive:

    # tar -xvzf ESX-1005114.tgz
  8. Change to the newly created directory, /var/updates/ESX-1005114:

    # cd ESX-1005114

Installation Instructions  

After you download and extract the archive, and if you are in the directory that you previously created, use the following command to install the update:

# esxupdate update

To run esxupdate from a different directory, you must specify the bundle path in the command:

# esxupdate -r file://<directory>/ESX-1005114 update

For example, if the host is called depot:

# esxupdate -r file:///depot/var/updates/ESX-1005114 update

During the update process, logs appear on the terminal. You can specify the verbosity of esxupdate logs by using the -v option as shown, below.

# esxupdate -v 10 file://<directory>/ESX-1005114 update

For more information on how to use esxupdate, see the Patch Management for ESX Server 3 tech note at http://www.vmware.com/pdf/esx3_esxupdate.pdf.

 

Keywords

esxpatch;esx302

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 1 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 1 Ratings
Actions
KB: