Security Fixes for ESX

The Secunia advisories (ESX 2.x here and ESX 3.0.0 here) are dated today and were brought to my attention via Thincomputing.net.  Updates are available for both ESX 2.x (2.0.2, 2.1.3, 2.5.3, and 2.5.4 all have updates available) as well as for ESX 3.0.0 (please note that ESX 3.0.1 is not affected by the same vulnerability).

More information on the fixes (and the associated flaws or vulnerabilities) can be found in the original VMware advisories:

VMware ESX Server 2.0.2 Upgrade Patch 2
VMware ESX Server 2.1.3 Upgrade Patch 2
VMware ESX Server 2.5.3 Upgrade Patch 4
VMware ESX Server 2.5.4 Upgrade Patch 1
ESX Server 3.0.0 Patch ESX-2533126

Here is where the beauty of VMotion comes into play.  So you’ve got a farm of ESX servers running a boatload of virtual servers, and need to take the ESX hosts down to apply this patch, right?  No problem…just VMotion the virtual machines on one host off to another host, apply the patch, and reboot the host.  When that host comes back up, repeat the process with another host, and then another, until all your ESX servers are patched.  The users will never even know that anything was happening.
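The rolling procedure above only works if the remaining hosts have enough free memory to take the evacuated guests at every step. The planner below is an added example, not code from the original post or from VMware: it calls no VMware API, and the host names, VM names and memory sizes are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Host:
    name: str
    mem_gb: int                                 # memory usable by guests (constructed)
    vms: dict = field(default_factory=dict)     # VM name -> memory in GB
    patched: bool = False

    def free(self):
        return self.mem_gb - sum(self.vms.values())

def plan_rolling_patch(hosts):
    """Return the ordered steps; raise if a host cannot be fully evacuated."""
    steps = []
    for host in hosts:
        others = [h for h in hosts if h is not host]
        # Move the largest guests first so they are not stranded later.
        for vm, mem in sorted(host.vms.items(), key=lambda kv: -kv[1]):
            target = max(others, key=lambda h: h.free())  # most headroom
            if target.free() < mem:
                raise RuntimeError(f"no headroom to move {vm} off {host.name}")
            target.vms[vm] = mem
            del host.vms[vm]
            steps.append(("migrate", vm, host.name, target.name))
        # The host is empty here, so it can be patched and rebooted.
        steps.append(("patch_and_reboot", host.name))
        host.patched = True
    return steps

def sample_farm():
    # Constructed three-host farm with spare capacity for one drained host.
    return [
        Host("esx01", 32, {"web1": 8, "db1": 12}),
        Host("esx02", 32, {"mail1": 8, "app1": 6}),
        Host("esx03", 32, {"file1": 10}),
    ]

if __name__ == "__main__":
    for step in plan_rolling_patch(sample_farm()):
        print(step)
```

If the planner raises, the farm is too full to drain a host, and the patch needs a maintenance window or extra capacity before it can be rolled out without downtime.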


  1. vjsys

    Hi,

    I got the important work of upgrading from “VMware ESX Server 3.0.1 build-52562” to VMware ESX 3.5 U1. For this I have patched the 3.0.1 with the following, and Virtual Center to 2.5:

    3.0.1-32039 08:50:08 05/01/07 Full 3.0.1 release of VMware ESX Server
    ESX-1001213 18:01:06 10/12/07 Security update for samba packages.
    ESX-1001691 18:12:23 10/12/07 Security update for the bind package.
    ESX-1001692 18:49:09 10/12/07 Security update for shadow-utils package
    ESX-1001694 18:52:59 10/12/07 Security update for pam packages.
    ESX-1001214 18:54:34 10/12/07 Security update for vixie-cron package.
    ESX-8253547 19:04:36 10/12/07 Security update for gcc packages.
    ESX-8258730 19:34:09 10/12/07 Delete snapshot of VM with two disks.
    ESX-1001693 19:35:26 10/12/07 Security update for openldap packages.
    ESX-1001723 19:36:19 10/12/07 Security update for krb5 packages.
    ESX-8567382 19:37:19 10/12/07 Security update for gdb packages.
    ESX-1002083 12:51:29 02/14/09 Vpxa upgrade failure during VC upgrade.
    ESX-1002085 13:11:54 02/14/09 vcbResAll -b prompt fills up log space.
    ESX-7557441 13:16:29 02/14/09 Each mgmt-vmware restart impacts all VMs

    With this, shall I be able to upgrade to ESX 3.5?

    Need your help on this

    Thanks & regards
    vijay