The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
VMware ESXi 5.0 Patch Image Profile ESXi-5.0.0-20131001001s-no-tools (2055564)
Release date: October 17, 2013
|Build||For build information, see KB 2055559.|
|October 17, 2013|
|Affected VIBs||VMware: esx-base_5.0.0-2.38.1311177|
|PRs Fixed||952737, 989852, 935530, 1002222, 942191, 951764, 1020789, 1027266|
|Related CVE numbers||CVE-2013-0169, CVE-2013-0166, CVE-2013-0338, and CVE-2013-5970|
For information on patch and update classification, see KB 2014447.
This patch updates the net-bnx2x VIB to address a stability issue, and updates the esx-base VIB to resolve the following issues:
- PR 989852: The ESXi userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166.
- PR 935530, 1002222: The ESXi userworld libxml2 library has been updated to resolve a security issue.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0338 to these issues.
- PR 942191: The ESXi userworld libxslt package is updated.
- PR 951764: VMware ESXi and ESX contain a vulnerability in hostd-vmdb. To exploit this vulnerability, an attacker must intercept and modify the management traffic. Exploitation of the issue may lead to a Denial of Service of the hostd-vmdb service.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-5970 to this issue.
- PR 1020789: During the remediation process of an ESXi host against a patch baseline that consists of bulletins that have only Reboot impact, Update Manager fails to power off or suspend the virtual machines that are on the host. As a result the host cannot enter maintenance mode, and the remediation cannot be completed.
This issue is resolved in bulletins created in this release and later.
- PR 1027266: Updates the misc-drivers VIB to implement an infrastructure change to prevent installation of incompatible versions of esx-base and misc-drivers VIBs together.
None beyond the required patch bundles and reboot information listed in the table above.
Patch Download and Installation
An ESXi system can be updated using the image profile, by using the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.For information about image profiles and how it applies to ESXi 5.0 hosts, see Image Profiles of ESXi 5.0 Hosts (KB 2009231). ESXi hosts can also be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command.
Request a Product Feature
To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.