Search the VMware Knowledge Base (KB)
View by Article ID

VMware ESXi 5.5, Patch ESXi550-201501101-SG: Updates esx-base (2099273)

  • 2 Ratings

Details

Release date: Jan 27, 2015

Patch Category Security
Patch Severity Important
Build For build information, see KB 2099265.
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included VMware:esx-base:5.5.0-2.51.2352327
PRs Fixed 1292480, 1313553, 1319043, 1342195, 1362408, 1366442
Related CVE numbers CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, and CVE-2014-3660

Solution

Summaries and Symptoms

This patch updates the esx-base VIB to resolve the following issues:

  • With this release, the pshare salting for the Transparent Page Sharing (TPS) management capabilities that was introduced in the previous patch release is enabled by default. This means that TPS only applies to individual virtual machines and that inter-VM TPS is disabled unless an administrator chooses to re-enable it.

    For more information, see KB 2091682.

  • The Likewise 5.3 stack which has Kerberos 5-1.6.3 version has been updated.

  • The patch update process might fail with a ValueError message when you attempt to install a patch on ESXi 5.5. An error message similar to the following is displayed on the ESXi host:

    [ValueError]
    Cannot merge VIBs VMware_bootbank_ata-pata-atiixp_0.4.6-3vmw.nnn.0.0.nnnnnn, VMware_bootbank_ata-pata-atiixp_0.4.6-3vmw.nnn.0.0.nnnnnn with unequal statelessready attribute

    This issue occurs because the update process detects two VIBs with same VIB ID and version, and attempts to merge from different sources, which can be either an online software depot, offline ZIP file or a VIB installed on the ESXi host with different values for stateless-ready attributes.

  • The OpenSSL version is updated to 1.0.1j to address multiple security issues.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, and CVE-2014-3568 to these issues.

  • The ESXi libxml2 library has been updated to resolve a security issue.

    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-3660 to this issue.

  • The OpenSSH is updated to address stability issues.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware Update Manager. For details, see the Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 2 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 2 Ratings
Actions
KB: