New Patches Available for ESX 3.5 / 3i and ESX 3.01 / 3.02 – June 3, 2008
June 5th, 2008 | 
Author: New Patches have been released for ESX 3.5 / 3i, ESX 3.02, and ESX 3.01. Information from the email notifications I received are copied in this post. Looks like monthly patching has become a reality for VMware. That’s the ultimate proof of success, I guess. If it’s a popular product the chances of it being exploited are increased exponentially. Make sure your Update Manager server is working properly …..
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Subject: ESX Server 3.5 / 3i – New Patches Available
Release Date: 06/03/08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
New patches are available for ESX Server 3.5/3i.
Please follow the instructions on the appropriate patch download page.
VMware ESX Server 3.5 Patch Download Page
[http://app.connect.vmware.com/e/er.aspx?s=524&lid=2755&elq=6744B4A9AF564DAC9063B20C6ECC15A3]
ESX350-200805501-BG (Critical):update to the VMkernel
ESX350-200805502-BG (General):update to VMware ESX Scripts
ESX350-200805503-BG (General):update to VMnix
ESX350-200805504-SG (Security):security Update to the Service Console for Cyrus SASL
ESX350-200805505-SG (Security):security Update to the Service Console for unzip
ESX350-200805506-SG (Security):security Update to the Service Console for Tcl/Tk
ESX350-200805507-SG (Securiry):security Update to the Service Console for Kerebos 5
ESX350-200805508-SG (Security):update to pegasus and cim-smwg
ESX350-200805510-SG (Security):update to VMware-esx-vmx
ESX350-200805511-SG (Security):update to VMware-hostd-esx
ESX350-200805512-SG (Security):update to VMware-esx-tools
ESX350-200805513-BG (General):update to VMware-esx-iscsi
ESX350-200805514-BG (General):update to VMware-esx-drivers-net-e1000
ESX350-200805515-SG (Security):update to VMware-esx-srvrmgmt
VMware ESX Server 3i Patch Download Page
[http://app.connect.vmware.com/e/er.aspx?s=524&lid=2756&elq=6744B4A9AF564DAC9063B20C6ECC15A3]
ESXe350-200805501-I-SG (Critical):firmware Update for ESXi
ESXe350-200805502-T-SG (Security):VMware Tools Update for ESXi
ESXe350-200805503-C-SG (General):updates VI Client to the latest version
We expect the next patch release in late June 2008.
If you have any questions, please contact support at 877-4-VMWARE.
Regards,
The VMware Team
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Subject: ESX Server 3.0.1 / 3.0.2 – New Patches Available
Release Date: 06/03/08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
New patches are available for ESX Server 3.0.1 and ESX Server 3.0.2.
ESX Server patches can be accessed through the on-line ESX Server Patch Download tool:
[http://app.connect.vmware.com/e/er.aspx?s=524&lid=2272&elq=1438A5DB8F4D42A0B543E37F73C6835D]
Please follow the instructions on the appropriate patch download page.
VMware ESX Server 3.0.1 Patches
ESX-1004186 (Security):fixes VMware VIX API Memory Overflow Vulnerabilities; fixes an issues with VMware Tools that may allow local privilege escalation on Windows-based GOS; fixes an issue where a VM is unable to browse NFS or networking shares; Fixes an issue where pre-built modules for VMware Tools results not available
ESX-1004187 (Security):Service Console Security Update for the pcre package
ESX-1004188 (Security):Service Console Security Update for the net-snmp package
ESX-1004189 (Security):Service Console Security Update for Kerebos 5
ESX-1004190 (Security):Service Console Security Update for unzip
ESX-1004721 (Security):Service Console Security Update for Cyrus SASL
ESX-1004723 (Security):Service Console Security Update for Tcl/Tk
ESX-1004725 (Security):fix for VMware VIX API Memory Overflow Vulnerabilities
ESX-1004728 (Security):Security Update to Fix Local Exploitation of an Untrusted Library Path Vulnerability in vmware-authd
ESX-1004822 (General):fixes an issue where snapshot operations might fail under high I/O stress
VMware ESX Server 3.0.2 Patches
ESX-1004214 (General):fixes an issue where the software iSCSI initiator does not discard stale target bindings
ESX-1004216 (Security):fixes an issues where vmkernel LVM driver might stop eesponding;fix for VMware VIX API Memory Overflow Vulnerabilities; fixes an issue where snapshot operations might fail Under high I/O stress
ESX-1004217 (Security):Service Console Security Update for the pcre package
ESX-1004218 (Security):Service Console Security Update for the net-snmp package
ESX-1004219 (Security):Service Console Security Update for Kerebos 5
ESX-1004719 (Security):Service Console Security Update for unzip
ESX-1004720 (General):Fix for bnx2 Driver not Properly Reporting Simulated Hardware Failure
ESX-1004722 (Security):Service Console Security Update for Cyrus SASL
ESX-1004724 (Security):Service Console Security Update for Tcl/Tk
ESX-1004726 (Security):fix for VMware VIX API Memory Overflow Vulnerabilities
ESX-1004727 (Security):fix for VMware VIX API Memory Overflow Vulnerabilities; VMware Tools Local Privilege Escalation on Windows-based GOS; Unable to Browse NFS or Networking Shares; Pre-built Modules for VMware Tools Not Available
ESX-1004821 (Security):Security Update to Fix Local Exploitation of an Untrusted Library Path Vulnerability in vmware-authd
We expect the next patch release in late June 2008.
If you have any questions, please contact support at 877-4-VMWARE.
Regards,
The VMware Team
Posted in 
Tags: 
