Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
 
Search the VMware Knowledge Base (KB)   View by Article ID
 

VMware ESX 3.5, Patch ESX350-200910401-SG: Updates VMkernel, Tools, hostd (1013124)

Details

Release Date: October 16, 2009

Download Size:
303 MB
Download Filename:
ESX350-200910401-SG.zip
md5sum:
73435b0495a61b00bedbead140b2a262 
 



Product Versions ESX 3.5
Build 199239
Patch Classification Security
Supersedes ESX350-200712407-BG
ESX350-200712409-BG
ESX350-200712410-BG
ESX350-200802401-BG
ESX350-200802409-BG
ESX350-200802410-BG
ESX350-200802411-BG
ESX350-200802412-BG
ESX350-200803202-UG
ESX350-200803211-UG
ESX350-200803217-UG
ESX350-200804401-BG
ESX350-200804402-BG
ESX350-200804403-BG
ESX350-200804407-BG
ESX350-200805501-BG
ESX350-200805503-BG
ESX350-200805515-SG
ESX350-200806203-UG
ESX350-200806207-UG
ESX350-200806209-UG
ESX350-200806401-BG
ESX350-200806402-BG
ESX350-200806405-BG
ESX350-200806812-BG
ESX350-200808203-UG
ESX350-200808207-UG
ESX350-200808209-UG
ESX350-200808401-BG
ESX350-200808402-BG
ESX350-200808412-BG
ESX350-200809404-SG
ESX350-200811401-SG
ESX350-200811409-BG
ESX350-200901401-SG
ESX350-200901404-BG
ESX350-200901405-BG
ESX350-200901406-BG
ESX350-200903224-UG
ESX350-200903412-BG
ESX350-200904201-SG
ESX350-200904401-BG
ESX350-200904405-BG
ESX350-200904409-BG
ESX350-200905401-BG
ESX350-200905402-BG
ESX350-200905405-BG
ESX350-200906401-BG
ESX350-200906403-BG
ESX350-200906406-BG
ESX350-200906408-BG
ESX350-200907403-BG
ESX350-200907404-BG
ESX350-200907405-BG
ESX350-200907407-BG
ESX350-200908402-BG
ESX350-200908404-BG
ESX350-200908405-BG
ESX350-200908406-BG
ESX350-200908407-BG
Requires ESX350-200810201-UG
ESX350-200903201-UG
ESX350-200910402-BG
Virtual Machine Migration or Reboot Required Yes
Host Reboot Required Yes
PRs Fixed 358372, 449158, 403926, 419957, 262609, 449508
Affected Hardware Emulex HBAs
Affected Software VMware Tools, ISC third-party DHCP client
RPMs Included VMware-esx-apps
VMware-esx-backuptools
VMware-esx-lnxcfg
VMware-esx-srvrmgmt
VMware-esx-tools
VMware-esx-vmkctl
VMware-esx-vmkernel
VMware-esx-vmx
VMware-hostd-esx
kernel-source
kernel-vmnix
Related CVE Numbers
CVE-2008-4210, CVE-2008-3275, CVE-2008-0598,
CVE-2008-2136, CVE-2008-2812, CVE-2007-6063,
CVE-2008-3525, and CVE-2009-0692

Solution

Summary

This patch contains the following fixes and enhancements:

  • This patch reduces the boot time of ESX hosts and should be applied when multiple ESX hosts detect LUNs used for Microsoft Cluster Service (MSCS).

Symptom: Error messages similar to the following might be logged in the /var/log/vmkernel log file of the service console:

Jul 24 14:34:24 VMEX3EQCH1100003 vmkernel: 165:15:48:57.500 cpu0:1033)WARNING: SCSI: 5519: Failing I/O due to too many reservation conflicts

Jul 24 14:34:24 VMEX3EQCH1100003 vmkernel: 165:15:48:57.500 cpu0:1033)WARNING: SCSI: 5615: status SCSI reservation conflict, rstatus 0xc0de01 for vmhba1:0:9. residual R 919, CR 0, ER 3

Jul 24 14:34:24 VMEX3EQCH1100003 vmkernel: 165:15:48:57.500 cpu0:1033)SCSI: 6608: Partition table read from device vmhba1:0:9 failed: SCSI reservation conflict (0xbad0022)

  • Any additional lines or customizations added by a user in the /etc/fstab file are deleted when VMware Tools is reinstalled or reconfigured. This issue occurs because when uninstalling, VMware Tools restores the files which were backed up during installation.
  • After applying this patch, any request for connection with ESX 3.5 using cipher suite of 56-bit encryption will be dropped. As a result, browsers that exclusively use cipher suites with 40-bit and 56-bit encryption cannot connect to ESX 3.5. Microsoft has made the Internet Explorer High Encryption Pack available for Internet Explorer 5.01 and earlier. Internet Explorer 5.5 and higher versions already use 128-bit encryption. 56-bit encryption and below is considered weak encryption and should no longer be used. 
  • This patch contains a fix for a security vulnerability in the ISC third-party DHCP client. This vulnerability allows for code execution in the client by a remote DHCP server through a specially crafted subnet-mask option. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0692 to this issue.

Deployment Considerations

Before installing this patch, refer KB 1014799

Patch Download and Installation

Note: All virtual machines on the ESX host must be either shut down or migrated using VMotion before applying the patch. A reboot of the ESX host is required after applying this patch.

See the vCenter Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX 3.5 hosts.

To update ESX 3.5 hosts when not using Update Manager, download the most recent patch bundle from http://www.vmware.com/download/vi/vi3_patches_35.html and install the bundle using esxupdate from the command line of the host. For more information, see the ESX Server 3 Patch Management Guide.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 5 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 5 Ratings
Actions
KB: