VMware ESX third party update for Service Console package sudo
VMware ESX 4.1 without patch ESX410-201312001
VMware ESX 4.0 without patch ESX400-201305001
a. Service Console update for sudo
The service console package sudo is updated to version 1.7.2p1-14.el5_8.3
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issue addressed in this update.
Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
ESXi and ESX
ESX410-201312001 contains ESX410-201312401-SG
ESX400-201305001 contains ESX400-201305402-SG
Initial security advisory in conjunction with the release of ESX 4.0 patches on 2013-05-30.
Security advisory update in conjunction with the release of ESX 4.1
patches on 2013-12-05.
E-mail list for product security notifications and announcements:
This Security Advisory is posted to the following lists: