Schlagworte: update

ESX/ESXi 3.5 Update 2 – Time Sync

Das Flatterte gerade in meinen Postfach.
Also wen es betrifft, der sollte den Patch schleunigst einspielen, damit es nicht zu Problemen mit den VM´s kommt.

Dear VMware Customers,

We have released the express patches for the product expiration issue. Please go to http://www.vmware.com/go/esxexpresspatches for more information.

Problem:

An issue has been discovered by many VMware customers and partners with ESX/ESXi 3.5 Update 2 where Virtual Machines fail to power on or VMotion successfully. This problem began to occur on August 12, 2008 for customers that had upgraded to ESX 3.5 Update 2. The problem is caused by a build timeout that was mistakenly left enabled for the release build.

The following message is displayed in the vmware.log file for the virtual machine:

This product has expired. Be sure that your host machine’s date and time are set correctly.
There is a more recent version available at the VMware web site: http://www.vmware.com/info?id=4.
————–
Module License Power on failed.

Affected Products:

– VMware ESX 3.5 Update 2 & ESXi 3.5 Update 2.

– The problem will be seen if ESX350-200806201-UG is applied to a system.

– No other VMware products are affected.

Resolution:

VMware Engineering has produced express patches for impacted customers to resolve the issue.

FAQ:

1. What do the express patches do?

There are two express patches: one for ESX 3.5 Update 2 and one for ESXi 3.5 Update 2. They are specifically targeted for customers who have installed or fully upgraded to ESX/ESXi 3.5 Update 2 or who have applied the ESX350-200806201-UG patch to ESX/ESXi 3.5 or ESX/ESX 3.5 Update 1 hosts. For customers who haven’t done either, these express patches should not be applied.

To be noted is that these patches have been validated to work with esxupdate. However, testing with the VMware Update Manager is still under way. In subsequent communications, we will provide confirmation whether the patches work with VMware Update Manger or if a re-spin is required.

We are currently testing an option to apply the patch without requiring VMotion or VM power-off and re-power-on at the point of patch application. To immediately refresh vmx on the VM, one can VMotion off running VMs, apply the patches and VMotion the VMs back. If VMotion capability is not available, VMs can be powered off before the patches are applied and powered back on afterwards.

2. When will VMware re-issue the upgrade media and patch bundles?

VMware plans to re-issue upgrade media by 6pm, August 13 PST and all update patch bundles later in the week. We will provide an ETA for the update patch bundles subsequently.

NOTE:

  • An upgrade media refers to ESX 3.5 Update 2 ISO, ESXi 3.5 Update 2 ISO, ESX 3.5 Update 2 upgrade tar and zip files. They are for customers who haven’t installed or upgraded to ESX/ESXi 3.5 Update 2 but wish to.
  • The „patch bundles“ here refer to those released at GA. They are for customers who do not wish to do a full upgrade to ESX/ESXi 3.5 Update 2, but apply patches that are deemed necessary to hosts running ESX/ESXi 3.5 or ESX/ESXi 3.5 Update 1. They are not the same as the express patch which is described above.

3. Why does VMware plan to re-issue the upgrade media before the patch bundles?

Since we can complete building and testing of the upgrade media before the patch bundles, we want to make that available to customers right away instead of re-issuing all the binaries later in the week.

VMSA-2008-00011 Updated ESX service console packages for Samba and vmnix

– ——————————————————————-
VMware Security Advisory

Advisory ID: VMSA-2008-00011
Synopsis: Updated ESX service console packages for Samba
and vmnix
Issue date: 2008-07-28
Updated on: 2008-07-28 (initial release of advisory)
CVE numbers: CVE-2007-5001 CVE-2007-6151 CVE-2007-6206
CVE-2008-0007 CVE-2008-1367 CVE-2008-1375
CVE-2008-1669 CVE-2006-4814 CVE-2008-1105
– ——————————————————————-

1. Summary:

Updated ESX packages address several security issues.

2. Relevant releases:

VMware ESX 3.5 without patches ESX350-200806201-UG (vmnix) and
ESX350-200806218-UG (samba)

3. Problem description:

I Service Console rpm updates

a. Security Update to Service Console Kernel

This fix upgrades service console kernel version to 2.4.21-57.EL.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-5001, CVE-2007-6151, CVE-2007-6206,
CVE-2008-0007, CVE-2008-1367, CVE-2008-1375, CVE-2006-4814, and
CVE-2008-1669 to the security issues fixed in kernel-2.4.21-57.EL.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable

hosted any any not applicable

ESXi 3.5 ESXi not applicable

ESX 3.5 ESX patch ESX350-200806201-UG
ESX 3.0.2 ESX affected, no update planned
ESX 3.0.1 ESX affected, no update planned
ESX 2.5.5 ESX not applicable
ESX 2.5.4 ESX not applicable

b. Samba Security Update

This fix upgrades the service console rpm samba to version
3.0.9-1.3E.15vmw

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-1105 to this issue.

VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not applicable

hosted any any not applicable

ESXi 3.5 ESXi not applicable

ESX 3.5 ESX patch ESX350-200806218-UG
ESX 3.0.2 ESX affected, patch pending
ESX 3.0.1 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
ESX 2.5.4 ESX affected, patch pending

Via: http://lists.vmware.com/pipermail/security-announce/2008/000023.html