[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

----------------------------------------------------------------------
                  VMware Security Advisory

Advisory ID: VMSA-2012-0001
Synopsis:    VMware ESXi and ESX updates to third party library
            and ESX Service Console
Issue date:  2012-01-30
Updated on:  2012-01-30 (initial advisory)

CVE numbers: --- COS Kernel ---
            CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
            CVE-2011-1080, CVE-2011-1093, CVE-2011-1163,
            CVE-2011-1166, CVE-2011-1170, CVE-2011-1171,
            CVE-2011-1172, CVE-2011-1494, CVE-2011-1495,
            CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
            CVE-2011-0695, CVE-2011-0711, CVE-2011-1044,
            CVE-2011-1182, CVE-2011-1573, CVE-2011-1576,
            CVE-2011-1593, CVE-2011-1745, CVE-2011-1746,
            CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
            CVE-2011-2213, CVE-2011-2492, CVE-2011-1780,
            CVE-2011-2525, CVE-2011-2689, CVE-2011-2482,
            CVE-2011-2491, CVE-2011-2495, CVE-2011-2517,
            CVE-2011-2519, CVE-2011-2901
            --- COS cURL ---
            CVE-2011-2192
            --- COS rpm ---
            CVE-2010-2059, CVE-2011-3378
            --- COS samba ---
            CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
            CVE-2011-2522, CVE-2011-2694
            --- COS python ---
            CVE-2009-3720, CVE-2010-3493, CVE-2011-1015,
            CVE-2011-1521
            --- python library ---
            CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
            CVE-2010-2089, CVE-2011-1521
----------------------------------------------------------------------

1. Summary

  VMware ESXi and ESX updates to third party library and ESX Service
  Console address several security issues.

2. Relevant releases

  ESXi 4.1 without patch ESXi410-201201401-SG

  ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,
                          ESX410-201201404-SG, ESX410-201201405-SG,
                          ESX410-201201406-SG, ESX410-201201407-SG

3. Problem Description

a. ESX third party update for Service Console kernel

   The ESX Service Console Operating System (COS) kernel is updated to
   kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the
   COS kernel.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
   CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,
   CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,
   CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
   CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,
   CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,
   CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
   CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,
   CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,
   CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201401-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

 * hosted products are VMware Workstation, Player, ACE, Fusion.

b. ESX third party update for Service Console cURL RPM

   The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9
   resolving a security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the name CVE-2011-2192 to this issue.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201402-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Fusion.

c. ESX third party update for Service Console nspr and nss RPMs

   The ESX Service Console (COS) nspr and nss RPMs are updated to
   nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving
   a security issues.

   A Certificate Authority (CA) issued fraudulent SSL certificates and
   Netscape Portable Runtime (NSPR) and Network Security Services (NSS)
   contain the built-in tokens of this fraudulent Certificate
   Authority. This update renders all SSL certificates signed by the
   fraudulent CA as untrusted for all uses.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201404-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Fusion.

d. ESX third party update for Service Console rpm RPMs

   The ESX Service Console Operating System (COS) rpm packages are
   updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,
   rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2
   which fixes multiple security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the names CVE-2010-2059 and CVE-2011-3378 to these issues.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201406-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Fusion.


e. ESX third party update for Service Console samba RPMs

   The ESX Service Console Operating System (COS) samba packages are
   updated to samba-client-3.0.33-3.29.el5_7.4,
   samba-common-3.0.33-3.29.el5_7.4 and
   libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
   issues in the Samba client.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
   CVE-2011-2522 and CVE-2011-2694 to these issues.

   Note that ESX does not include the Samba Web Administration Tool
   (SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and
   CVE-2011-2694.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201407-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Fusion.

f. ESX third party update for Service Console python package

   The ESX Service Console (COS) python package is updated to
   2.4.3-44 which fixes multiple security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and
   CVE-2011-1521 to these issues.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           any       ESXi     not affected

   ESX            4.1       ESX      ESX410-201201405-SG
   ESX            4.0       ESX      patch pending
   ESX            3.5       ESX      not applicable

   * hosted products are VMware Workstation, Player, ACE, Fusion.

g. ESXi update to third party component python

   The python third party library is updated to python 2.5.6 which
   fixes multiple security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org) has
   assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
   CVE-2010-2089, and CVE-2011-1521 to these issues.

   Column 4 of the following table lists the action required to
   remediate the vulnerability in each release, if a solution is
   available.

   VMware         Product   Running  Replace with/
   Product        Version   on       Apply Patch
   =============  ========  =======  =================
   vCenter        any       Windows  not affected

   hosted *       any       any      not affected

   ESXi           5.0       ESXi     patch pending
   ESXi           4.1       ESXi     ESXi410-201201401-SG
   ESXi           4.0       ESXi     patch pending
   ESXi           3.5       ESXi     patch pending

   ESX            4.1       ESX      not affected
   ESX            4.0       ESX      not affected
   ESX            3.5       ESX      not affected

   * hosted products are VMware Workstation, Player, ACE, Fusion.


4. Solution

  Please review the patch/release notes for your product and version
  and verify the checksum of your downloaded file.

  VMware ESXi 4.1
  ---------------
  ESXi410-201201401
  http://downloads.vmware.com/go/selfsupport-download
md5sum: BDF86F10A973346E26C9C2CD4C424E88 sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F
  http://kb.vmware.com/kb/2009143
  ESXi410-201201401 contains ESXi410-201201401-SG

  VMware ESX 4.1
  --------------
  ESX410-201201001
  http://downloads.vmware.com/go/selfsupport-download
md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC
  http://kb.vmware.com/kb/2009142

  ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG,
  ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and
  ESX410-201201407-SG

5. References

  CVE numbers

  --- COS Kernel ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901
  --- COS cURL ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
  --- COS rpm ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378
  --- COS samba ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
  --- COS python ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521
  --- python library ---
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521

----------------------------------------------------------------------

6. Change log

  2012-01-30 VMSA-2012-0001
  Initial security advisory in conjunction with the release of patches
  for ESX 4.1 and ESXi 4.1 on 2012-01-30.

----------------------------------------------------------------------

7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

 * security-announce at lists.vmware.com
 * bugtraq at securityfocus.com
 * full-disclosure at lists.grok.org.uk

E-mail:  security at vmware.com
PGP key at: http://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware security response policy
http://www.vmware.com/support/policies/security_response.html

General support life cycle policy
http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy
http://www.vmware.com/support/policies/eos_vi.html

Copyright 2012 VMware Inc.  All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: utf-8

wj8DBQFPJ5DIDEcm8Vbi9kMRAnzCAKCmaAoDp49d61Mr1emzh/U0N8vbgACdFZk8
f2pLxi537s+ew4dvnYNWlJ8=
=OAh4
-----END PGP SIGNATURE-----