VMware

 

VMware ACE 2.5.3 Release Notes

VMware ACE Version 2.5.3 | 20 August 2009 | Build 185404

Document Last Updated: August 21, 2009

These release notes cover the following topics:

Prior Releases

Features from the prior releases of VMware ACE are described in the following release notes:

Known Issues

The following issues are unresolved for VMware ACE 2.5.3:

  • Uploading custom SSL certificates to the ACE Management Server fails when using Internet Explorer 8. It is recommended to use an earlier version of Internet Explorer or Firefox.
  • Package installer does not work if the package name contains Unicode value > FFFF characters.

In addition to these ACE-specific known issues, VMware ACE includes the known issues listed in the Workstation 6.5.3 Release Notes.

Resolved Issues

The following issues are resolved in VMware ACE 2.5.3:

Security Fixes

  • New: An updated version of Apache is being shipped with ACE Management Server. The new version of ACE, updates the Apache HTTP Server on Windows hosts to version 2.0.63 to address multiple security issues that existed in previous versions of Apache.
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2007-3847, CVE-2007-1863, CVE-2006-5752, CVE-2007-3304, CVE-2007-6388, CVE-2007-5000, CVE-2008-0005 to the issues addressed by this update.

    Note: The Apache HTTP Server is not part of an ACE install on a Linux host. Update the Apache HTTP Server on the host system to version 2.0.63 in order to eliminate these security issues.

  • New: Third party library libpng updated to 1.2.35. Several flaws were discovered in the way the third-party libpng library handled uninitialized pointers. An attacker could create a PNG image file in such a way that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user running the application.
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-0040 to this issue.

Miscellaneous

  • ACE Instance Customization needs to support 64-bit Windows guest operating systems.
  • Activation keys are listed in random order in the ACE policy settings. Sort the keys alphabetically, so that they can be easily scanned and identified.
  • The Helpdesk Login page cannot be accessed from the ACE Management Server Appliance Configuration Page.

In addition to these ACE-specific resolved issues, VMware ACE includes the resolved issues listed in the Workstation 6.5.3 Release Notes.

Top of Page