Release Date: MAY 14, 2019
Download Filename:
ESXi670-201905001.zip
Build:
13644319
Download Size:
316.2 MB
md5sum:
b419446f895294ffd919885545e691be
sha1checksum:
16e02a13e90fd1aa85d3f2016a652c1fcb3a6a66
Host Reboot Required: Yes
Virtual Machine Migration or Shutdown Required: Yes
Bulletins
Bulletin ID | Category | Severity |
ESXi670-201905401-BG | Bugfix | Important |
ESXi670-201905402-BG | Bugfix | Important |
ESXi670-201905403-BG | Bugfix | Important |
Rollup Bulletin
This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.7.
Bulletin ID | Category | Severity |
ESXi670-201905001 | Bugfix | Important |
Image Profiles
VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.
Image Profile Name |
ESXi-6.7.0-20190504001-standard |
ESXi-6.7.0-20190504001-no-tools |
For more information about the individual bulletins, see the Download Patches page and the Resolved Issues section.
Patch Download and Installation
The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the About Installing and Administering VMware vSphere Update Manager.
ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command.
For more information, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.
Resolved Issues
The resolved issues are grouped as follows.
- ESXi670-201905401-BG
- ESXi670-201905402-BG
- ESXi670-201905403-BG
- ESXi-6.7.0-20190504001-standard
- ESXi-6.7.0-20190504001-no-tools
Patch Category | Bugfix |
Patch Severity | Important |
Host Reboot Required | Yes |
Virtual Machine Migration or Shutdown Required | Yes |
Affected Hardware | N/A |
Affected Software | N/A |
VIBs Included |
|
PRs Fixed | N/A |
Related CVE numbers | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
This patch updates the esx-base, esx-update, vsan and vsanhealth
VIBs to resolve the following issue:
ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.
NOTE: At the time of this publication updated Sandy Bridge EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.
Patch Category | Bugfix |
Patch Severity | Important |
Host Reboot Required | Yes |
Virtual Machine Migration or Shutdown Required | Yes |
Affected Hardware | N/A |
Affected Software | N/A |
VIBs Included |
|
PRs Fixed | N/A |
Related CVE numbers | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 |
This patch updates the cpu-microcode VIB to resolve the following issue:
ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.
NOTE: At the time of this publication updated Sandy Bridge EP Microcode Updates (MCUs) had not yet been provided to VMware. Customers on this microarchitecture may request MCUs from their hardware vendor in the form of a BIOS update. This microcode will be included in future releases of ESXi.
- The cpu-microcode VIB includes the following Intel microcode:
Code Name FMS Plt ID MCU Rev MCU Date Brand Names Nehalem EP 0x106a5 0x03 0x0000001d 5/11/2018 Intel Xeon 35xx Series;
Intel Xeon 55xx SeriesLynnfield 0x106e5 0x13 0x0000000a 5/8/2018 Intel Xeon 34xx Lynnfield Series Clarkdale 0x20652 0x12 0x00000011 5/8/2018 Intel i3/i5 Clarkdale Series;
Intel Xeon 34xx Clarkdale SeriesArrandale 0x20655 0x92 0x00000007 4/23/2018 Intel Core i7-620LE Processor Sandy Bridge DT 0x206a7 0x12 0x0000002f 2/17/2019 Intel Xeon E3-1100 Series;
Intel Xeon E3-1200 Series;
Intel i7-2655-LE Series;
Intel i3-2100 SeriesWestmere EP 0x206c2 0x03 0x0000001f 5/8/2018 Intel Xeon 56xx Series;
Intel Xeon 36xx SeriesSandy Bridge EP 0x206d7 0x6d 0x00000714 5/8/2018 Intel Pentium 1400 Series;
Intel Xeon E5-1400 Series;
Intel Xeon E5-1600 Series;
Intel Xeon E5-2400 Series;
Intel Xeon E5-2600 Series;
Intel Xeon E5-4600 SeriesNehalem EX 0x206e6 0x04 0x0000000d 5/15/2018 Intel Xeon 65xx Series;
Intel Xeon 75xx SeriesWestmere EX 0x206f2 0x05 0x0000003b 5/16/2018 Intel Xeon E7-8800 Series;
Intel Xeon E7-4800 Series;
Intel Xeon E7-2800 SeriesIvy Bridge DT 0x306a9 0x12 0x00000021 2/13/2019 Intel i3-3200 Series;
Intel i7-3500-LE/UE;
Intel i7-3600-QE;
Intel Xeon E3-1200-v2 Series;
Intel Xeon E3-1100-C-v2 Series;
Intel Pentium B925CHaswell DT 0x306c3 0x32 0x00000027 2/26/2019 Intel Xeon E3-1200-v3 Series;
Intel i7-4700-EQ Series;
Intel i5-4500-TE Series;
Intel i3-4300 SeriesIvy Bridge EP 0x306e4 0xed 0x0000042e 3/14/2019 Intel Xeon E5-4600-v2 Series;
Intel Xeon E5-2600-v2 Series;
Intel Xeon E5-2400-v2 Series;
Intel Xeon E5-1600-v2 Series;
Intel Xeon E5-1400-v2 SeriesIvy Bridge EX 0x306e7 0xed 0x00000715 3/14/2019 Intel Xeon E7-8800/4800/2800-v2 Series Haswell EP 0x306f2 0x6f 0x00000043 3/1/2019 Intel Xeon E5-4600-v3 Series;
Intel Xeon E5-2600-v3 Series;
Intel Xeon E5-2400-v3 Series;
Intel Xeon E5-1600-v3 Series;
Intel Xeon E5-1400-v3 SeriesHaswell EX 0x306f4 0x80 0x00000014 3/1/2019 Intel Xeon E7-8800/4800-v3 Series Broadwell H 0x40671 0x22 0x00000020 3/7/2019 Intel Core i7-5700EQ;
Intel Xeon E3-1200-v4 SeriesAvoton 0x406d8 0x01 0x0000012a 1/4/2018 Intel Atom C2300 Series;
Intel Atom C2500 Series;
Intel Atom C2700 SeriesBroadwell EP/EX 0x406f1 0xef 0x0b000036 3/2/2019 Intel Xeon E7-8800/4800-v4 Series;
Intel Xeon E5-4600-v4 Series;
Intel Xeon E5-2600-v4 Series;
Intel Xeon E5-1600-v4 SeriesSkylake SP 0x50654 0xb7 0x0200005e 4/2/2019 Intel Xeon Platinum 8100 Series;
Intel Xeon Gold 6100/5100, Silver 4100, Bronze 3100 Series;
Intel Xeon D-2100 Series;
Intel Xeon D-1600 Series;
Intel Xeon W-3100 Series;
Intel Xeon W-2100 SeriesCascade Lake 0x50657 0xbf 0x05000021 2/27/2019 Intel Xeon Platinum 9200/8200 Series;
Intel Xeon Gold 6200/5200;
Intel Xeon Silver 4200/Bronze 3200;
Intel Xeon W-3200Broadwell DE 0x50662 0x10 0x0000001a 3/23/2019 Intel Xeon D-1500 Series Broadwell DE 0x50663 0x10 0x07000017 3/23/2019 Intel Xeon D-1500 Series Broadwell DE 0x50664 0x10 0x0f000015 3/23/2019 Intel Xeon D-1500 Series Broadwell NS 0x50665 0x10 0x0e00000d 3/23/2019 Intel Xeon D-1600 Series Skylake H/S 0x506e3 0x36 0x000000cc 4/1/2019 Intel Xeon E3-1500-v5 Series;
Intel Xeon E3-1200-v5 SeriesDenverton 0x506f1 0x01 0x0000002e 3/21/2019 Intel Atom C3000 Series Kaby Lake H/S/X 0x906e9 0x2a 0x000000b4 4/1/2019 Intel Xeon E3-1200-v6 Series;
Intel Xeon E3-1500-v6 SeriesCoffee Lake H/S 0x906ea 0x22 0x000000b4 4/1/2019 Intel Xeon E-2100 Series Coffee Lake H/S 0x906eb 0x02 0x000000b4 4/1/2019 Intel Xeon E-2100 Series Coffee Lake H/S 0x906ec 0x22 0x000000ae 2/14/2019 Intel Xeon E-2100 Series Coffee Lake Refresh 0x906ed 0x22 0x000000b8 3/17/2019 Intel Xeon E-2200 Series
Patch Category | Bugfix |
Patch Severity | Important |
Host Reboot Required | No |
Virtual Machine Migration or Shutdown Required | No |
Affected Hardware | N/A |
Affected Software | N/A |
VIBs Included |
|
PRs Fixed | 2331401 |
Related CVE numbers | N/A |
This patch updates the esx-ui VIB to resolve the following issue:
- PR 2331401: You cannot send keys to the guest OS by using the drop-down list in the VMware Remote Console
You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.
This issue is resolved in this release.
Profile Name | ESXi-6.7.0-20190504001-standard |
Build | For build information, see the top of the page. |
Vendor | VMware, Inc. |
Release Date | May 14, 2019 |
Acceptance Level | PartnerSupported |
Affected Hardware | N/A |
Affected Software | N/A |
Affected VIBs |
|
PRs Fixed | 2331401 |
Related CVE numbers | N/A |
- This patch updates the following issues:
-
ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.
-
You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.
-
Profile Name | ESXi-6.7.0-20190504001-no-tools |
Build | For build information, see the top of the page. |
Vendor | VMware, Inc. |
Release Date | May 14, 2019 |
Acceptance Level | PartnerSupported |
Affected Hardware | N/A |
Affected Software | N/A |
Affected VIBs |
|
PRs Fixed | 2331401 |
Related CVE numbers | N/A |
- This patch updates the following issues:
-
ESXi 670-201905001 supports Hypervisor-Specific Mitigations and Hypervisor-Assisted Guest Mitigations for Microarchitectural Data Sampling (MDS) vulnerabilities identified by CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091. For more information, see VMware Security Advisory VMSA-2019-0008.
-
You can select a key from the drop-down list in the VMware Remote Console, but the key is not actually sent to the guest OS. The issue does not affect sending keys by using the keyboard.
-