check-circle-line exclamation-circle-line close-line

VMware ESXi 6.7, Patch Release ESXi670-201905001

Release Date: MAY 14, 2019

Download Filename:

ESXi670-201905001.zip

Build:

13644319

Download Size:

316.2 MB

md5sum:

b419446f895294ffd919885545e691be

sha1checksum:

16e02a13e90fd1aa85d3f2016a652c1fcb3a6a66

Host Reboot Required: Yes

Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi670-201905401-BG Bugfix Important
ESXi670-201905402-BG Bugfix Important
ESXi670-201905403-BG Bugfix Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.7.

Bulletin ID Category Severity
ESXi670-201905001 Bugfix Important

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-6.7.0-20190504001-standard
ESXi-6.7.0-20190504001-no-tools

For more information about the individual bulletins, see the Download Patches page and the Resolved Issues section.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the About Installing and Administering VMware vSphere Update Manager.

ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command.

For more information, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi670-201905401-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
PRs Fixed  N/A
Related CVE numbers CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

This patch updates the esx-base, esx-update, vsan and vsanhealth VIBs to resolve the following issue:

  • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    NOTE: At the time of this publication updated Sandy Bridge DT/EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.

ESXi670-201905402-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
PRs Fixed  N/A
Related CVE numbers CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

This patch updates the cpu-microcode VIB to resolve the following issue:

  • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    NOTE: At the time of this publication updated Sandy Bridge DT/EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.

ESXi670-201905403-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required No
Virtual Machine Migration or Shutdown Required No
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed  2331401
Related CVE numbers N/A

This patch updates the esx-ui VIB to resolve the following issue:

  • PR 2331401: You cannot send keys to the guest OS by using the drop-down list in the VMware Remote Console

    You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.

    This issue is resolved in this release.

ESXi-6.7.0-20190504001-standard
Profile Name ESXi-6.7.0-20190504001-standard
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date May 14, 2019
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed 2331401 
Related CVE numbers N/A
  • This patch updates the following issues:
    • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    • You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.

ESXi-6.7.0-20190504001-no-tools
Profile Name ESXi-6.7.0-20190504001-no-tools
Build For build information, see the top of the page.
Vendor VMware, Inc.
Release Date May 14, 2019
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-base_6.7.0-2.55.13644319
  • VMware_bootbank_vsanhealth_6.7.0-2.55.13356305
  • VMware_bootbank_esx-update_6.7.0-2.55.13644319
  • VMware_bootbank_vsan_6.7.0-2.55.13356300
  • VMware_bootbank_cpu-microcode_6.7.0-2.55.13644319
  • VMware_bootbank_esx-ui_1.33.3-13454473
PRs Fixed 2331401 
Related CVE numbers N/A
  • This patch updates the following issues:
    • ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.

    • You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.