VMware vCenter Server Appliance Photon OS Security Patches

|

Last updated on:  15 November 2017

vCenter Server Appliance Photon OS Patches

This document tracks the release of the monthly patches to the Photon Operating System bundled in the VMware vCenter Server Appliance.

You can download the deliverables from the VMware Patch Download Center.

IMPORTANT: vCenter Server Appliance 6.5 builds have been removed as of November 14, 2017 due to a deployment-impacting issue. This issue does not impact Windows installed vCenter Servers. To resolve this issue, you must upgrade to vCenter Server Appliance 6.5 Update 1c or later. For more information, see KB 51124.

Installation Steps

To apply the Photon OS security patches to the vCenter Server Appliance, you can use one of the methods.

  • Deploy a new vCenter Server Appliance by using either the GUI or the CLI installer.

    For information about doing a fresh install of the vCenter Server Appliance, see Deploying the vCenter Server Appliance and Platform Services Controller Appliance.

  • Upgrade to the version of the vCenter Server Appliance containing the latest Photon OS security patches by using either the GUI or the CLI installer.

    For information about upgrading the vCenter Server Appliance, see Upgrading the vCenter Server Appliance and Platform Services Controller Appliance.

  • Patch the appliance either by using the appliance shell or the Appliance Management Interface.

    IMPORTANT: You can update the vCenter Server Appliance with Photon OS patches released within one and the same Update release. Currently, you can patch the appliance with Photon OS patches only if you have updated the vCenter Server Appliance to 6.5 Update 1.

    If you try to update the vCenter Server Appliance directly from an unsupported base version of 6.5 to the current Photon OS patch version, by using the vCenter Server Appliance Management Interface, the process fails. This is expected, but the error message that you see is a generic one. To see the correct error message, check the log files.

    For information on patching the vCenter Server Appliance, see Patching the vCenter Server Appliance.

  • Perform a file-based backup and restore where in the restore process you deploy a new appliance containing the latest Photon OS security patches..

  • For information performing a file-based backup and restore of the vCenter Server Appliance, see File-Based Backup and Restore of vCenter Server Appliance.

  • Migrate a vCenter Server on Windows instance to a version of the vCenter Server Appliance containing the latest Photon OS security patches.

    For information about performing a migration of vCenter Server on Windows to vCenter Server Appliance, see Migrating vCenter Server for Windows to vCenter Server Appliance.

 

vCenter Server Appliance Photon OS Security Patches

vSphere 6.5 Update 1

Release Date

Build Number

Patch Name

Affected Package

New Package Versions

CVEs Addressed

21 September 2017

6671409

6.5 U1a
(Security fixes for PhotonOS)

Httpd

2.4.27-1

CVE-2017-3167
CVE-2017-9788
CVE-2017-9789

Pycrypto

2.7a1-3

CVE-2013-7459

Linux

4.4.79-1

CVE-2017-11176
CVE-2017-11473
CVE-2017-7541

Ncurses

6.0-5

CVE-2017-10684
CVE-2017-10685

26 October 2017 6816762 6.5 U1b
(Security fixes for PhotonOS are listed here. For details on other fixes, click here)
Ruby 2.4.0-5

CVE-2017-9224
 CVE-2017-9225
CVE-2017-9227
CVE-2017-9228
CVE-2017-9229

rsyslog 8.15.0-6

CVE-2017-12588

Linux 4.4.82-1

CVE-2017-1000112
 CVE-2017-7533
CVE-2017-7542
 CVE-2017-10911

Shadow 4.2.1-11 CVE-2017-12424

The above listed patches are cumulative. The content of the latest patch will accumulate the content from prior patches as well.