VMware ESX 3.5, Patch ESX350-200910406-SG: Updates Service Console DHCP Client (1013129)
Release Date: October 16, 2009
The service console package dhclient has been updated to version dhclient-3.0.1-10.2. This fixes a stack buffer overflow flaw in the ISC DHCP client and a flaw in the way the DHCP daemon init script handles temporary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-0692 and CVE-2009-1893 to these issues.
None beyond the required patch bundles and reboot information listed in the table, above.
Patch Download and Installation
Note: All virtual machines on the ESX host must be either shut down or migrated using VMotion before applying the patch. A reboot of the ESX host is required after applying this patch.
See the vCenter Update Manager Administration Guide for instructions on using Update Manager to download and install patches to automatically update ESX 3.5 hosts.
To update ESX 3.5 hosts when not using Update Manager, download the most recent patch bundle from http://www.vmware.com/download/vi/vi3_patches_35.html and install the bundle using esxupdate from the command line of the host. For more information, see the ESX Server 3 Patch Management Guide.