VMware

VMware ESX Server 2.5.5 Upgrade Patch 14 (for 2.5.5 Systems Only)

Released 8/31/09

TAR File

This document contains the following information:

Security Issues

This patch updates the krb5 package to version krb5-libs-1.2.2-49 in the service console, to fix an input validation flaw that was found in the ASN.1 (Abstract Syntax Notation One) decoder used by MIT Kerberos.
The Common Vulnerabilities and Exposures Project has assigned the name CVE-2009-0846 to this issue.
Refer VMware Security Center for regular updates to the VMware Security Advisories.

Resolved Issues

This patch resolves an issue where installing Dell OpenManage Server Agent version 5.2 on ESX Server 2.5.5 hosts might fail with an error similar to the following:
Looking for ucd-snmp-4.2.5-8.AS21.5...
Couldn't find the ucd-snmp-4.2.5-8.AS21.5 rpm.
Error: the VMware ESX Server is not ready for Dell OpenManage installation

Applicability

This patch is an ESX Server 2.5.5 patch. Ensure that ESX Server 2.5.5 build 57619 or later is installed before applying the patch. Run vmware -v to see the version and build information for your ESX Server installation.

Installing the Update

Note: Back up your ESX Server installation before installing this patch. Also, a minimum of 350MB of temporary free space on the / file system is required for installing this patch.

This update requires you to boot your server into Linux mode to perform the upgrade. When you are prompted to reboot at the end of the upgrade, the installer restarts your system to run ESX Server.

  1. Power off all virtual machines.
  2. Restart your system.
  3. At the LILO Boot Menu, select the option appropriate for your system.
    • For a boot-from-SAN installation, select esx-san-safe.
    • For all other installations, select linux-up.
  4. Log in as root to the ESX Server service console.
  5. Download the tar file into a temporary directory under /root on your ESX Server service console.
  6. Change your working directory to that directory.
  7. Verify the integrity of the package:
    # md5sum esx-2.5.5-184659-upgrade.tar.gz

    The md5 checksum output should match the following:
    8bf0a6a1e8b43ccb401f3a604c3be363 esx-2.5.5-184659-upgrade.tar.gz

  8. Extract the compressed tar archive:
    # tar -xvzf esx-2.5.5-184659-upgrade.tar.gz
  9. Change to the newly created directory:
    # cd esx-2.5.5-184659-upgrade
  10. Run the installer:
    # ./upgrade.pl
  11. The system updates have now been installed. A reboot prompt is displayed:
    Reboot the server now [y/n]?

    This update will not be complete until you reboot the ESX Server host. If you enter n to indicate that you will not reboot the server at this time, ESX Server displays the warning message: Please reboot the server manually. Your virtual machines will not run properly until this is done. If you see this message, you must manually reboot the server to complete the upgrade.

  12. At the reboot prompt, enter y to reboot the server.