Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides

Search the VMware Knowledge Base (KB)

View by Article ID

VMware ESX 4.1, Patch ESX410-201208101-SG: Updates the VMware ESX 4.1 Core and CIM Components (2020732)

Details

Product Version	ESX 4.1 Update 3
Patch Classification	Security
Build Information	For build information, see KB 2020362.
Host Reboot Required	Yes
Virtual Machine Migration or Shutdown Required	Yes
PRs Fixed	778259, 778523, 816229, 845912, 861618, 870960, 874788
Affected Hardware	N/A
Affected Software	N/A
VIBs Included	VMware-webCenter-esx kernel vmware-esx-apps vmware-esx-cim vmware-esx-scripts vmware-esx-tools vmware-esx-uwlibs vmware-esx-vmkctl vmware-esx-vmkernel64 vmware-esx-vmnixmod vmware-esx-vmx vmware-hostd-esx vmwprovider
Related CVE numbers	CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-1020, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2699, CVE-2011-3190, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-3375, CVE-2011-4108, CVE-2011-4109, CVE-2011-4110, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2011-4858, CVE-2012-0022, CVE-2012-0050, CVE-2012-0207, and CVE-2012-1583.

Solution

This patch resolves the following security issues:

PR 778259: Oracle (Sun) JRE is updated to version 1.6.0_31, which addresses multiple security issues. Oracle has documented the CVE identifiers that are addressed by this update in the Oracle Java SE Critical Patch Update Advisory of February 2012.
PR 778523 and PR874788: The ESX service console kernel is updated to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1020, CVE-2011-1833, CVE-2011-2484, CVE-2011-2496, CVE-2011-2699, CVE-2011-3188, CVE-2011-3209, CVE-2011-3363, CVE-2011-4110, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2012-0207, and CVE-2012-1583 to these issues.
PR 816229: Apache Tomcat has been updated to version 6.0.35 to address multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-3190, CVE-2011-3375, CVE-2011-4858, and CVE-2012-0022 to these issues.
PR 845912: This patch removes a call to a non-existing ThinPrint DLL as a security hardening measure.
VMware would like to thank Moshe Zioni from Comsec Consulting for reporting this issue to us.
PR 861618: The ESX userworld OpenSSL library is updated from version 0.9.8p to version 0.9.8t to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4180, CVE-2010-4252, CVE-2011-0014, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, and CVE-2012-0050 to these issues.
PR 870960: When you enable Bridge Protocol Data Unit (BPDU) guard on the physical switch port, BPDU frames sent from the bridged virtual NIC cause the physical uplink to get disabled and as a result, the uplink goes down.
Note: Identify the host, which sent out the BPDU packets and set esxcfg-advcfg -s 1 /Net/BlockGuestBPDU on that host. This filters out and blocks BPDU packets from the Guest. The virtual machines with the bridged virtual NICs should be powered on only after this filter is turned on for the filter to take effect.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

1 2 3 4 5
0 Ratings

1 2 3 4 5
0 Ratings

Actions

Bookmark Document

KB:

Did this article help you?
This article resolved my issue. This article did not resolve my issue. This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)