VMware ESX Server 2.1.2 Upgrade Patch 3 (for 2.1.x Systems)

Released 5/3/05

TAR File

This patch includes new updates for ESX Server 2.1.x  that address the following known issues:

• Errors in creating VLAN tags within virtual switches (see Knowledge Base Article 1655 for details)
  

• Security fix-- uselib security exploit CAN-2004-1235 (see Knowledge Base Article 1654 for details)
  

This patch also includes previously released updates for ESX Server 2.1.x  that address the following issues. The patch installer will only install these updates if they have not been previously installed on your system:

• Errors using FSC Global Array Manager and SAN Array Manager tools (see Knowledge Base Article 1584 for details)
  
• Reporting the CPU and bus speed of a server incorrectly (see Knowledge Base Article 1583 for details)
  
• Memory allocation error in Windows XP and Windows Server 2003 virtual machines (see Knowledge Base Article 1549 for details)
• Security fix-- mod_ssl security exploit CAN-2004-0885 (see Knowledge Base Article 1555 for details)
• Security fix-- mod_ssl security exploit CAN-2004-0700 (see Knowledge Base Article 1429 for details)
  
• Security fix-- Linux security exploit CAN-2004-0415 (see Knowledge Base Article 1431 for details)
  

There is a separate patch for 2.0.1 available as the VMware ESX Server 2.0.1 Upgrade Patch 3. You can repair the CAN-2004-1235 security vulnerability in ESX Server 2.5 by upgrading to VMware ESX Server 2.5.1.

Note: This update only works if you have ESX Server 2.1, 2.1.1 or 2.1.2. Please make sure that one of these versions is installed before applying the patch. The installer will log the name of this patch and information on the updated components in the file /var/log/vmkernel-version.

Installing the Update

This update will require you to boot your server into Linux mode to perform the upgrade. When you are prompted to reboot at the end of the upgrade, the installer will restart your system to run ESX Server.

1. Power off all virtual machines and shutdown your server.
2. Restart your system.
3. At the LILO Boot Menu, select the linux option. Allow the system start procedure to complete.
4. Log in as root into the ESX Server service console, in Linux mode. Make sure your path variable contains /usr/bin:/bin.
5. Download the tar file into the temporary directory /tmp on your ESX service console.
6. Change directories to /tmp.
7. Verify the integrity of the package:
   # md5sum esx-2.1.2-13434-upgrade.tar.gz

   The md5 checksum output should match the following:

   3f28b074af76387ef27b0bc3b46993e2 esx-2.1.2-13434-upgrade.tar.gz

8. Extract the compressed tar archive:
   # tar -xvzf esx-2.1.2-13434-upgrade.tar.gz
9. Change directories to the newly created directory /tmp/esx-2.1.2-13434-upgrade:
   # cd esx-2.1.2-13434-upgrade
10. Run the patch installer:
    # /usr/bin/perl ./upgrade.pl

    Note: Once you start the installation script, do not enter keyboard escape commands such as Control-C or Control-D. Using escape commands will interrupt the upgrade procedure and leave your system partially upgraded.

11. The system updates have now been installed. A reboot prompt displays:
    Reboot the server now [y/n]?

    This update will not be complete until you reboot the ESX Server. If you enter N, to indicate that you will not reboot at this time, ESX Server displays the warning message "Please reboot the server manually for this update to take effect. Update has been terminated unexpectedly." If you see this message, you must manually reboot the server to complete the driver update.

12. At the reboot prompt, enter Y to reboot the server.