Release Date: 25 JAN 2022

Build Details

Download Filename: ESXi670-202201001.zip
Build: 19195723
Download Size: 478.2 MB
md5sum: eb8ffccf1066ff84c56d959ced227e84
sha256checksum: 30d313abb16ac2ea742629dbd3eb31862a50d530f2cc5a505d60aff350a84b53
Host Reboot Required: Yes
Virtual Machine Migration or Shutdown Required: Yes

Bulletins

Bulletin ID Category Severity
ESXi670-202201401-BG Bugfix Important

Rollup Bulletin

This rollup bulletin contains the latest VIBs with all the fixes since the initial release of ESXi 6.7.

Bulletin ID Category Severity
ESXi670-202201001 Bugfix Important

IMPORTANT: For clusters using VMware vSAN, you must first upgrade the vCenter Server system. Upgrading only the ESXi hosts is not supported.
Before an upgrade, always verify in the VMware Product Interoperability Matrix compatible upgrade paths from earlier versions of ESXi, vCenter Server and vSAN to the current version. 

Image Profiles

VMware patch and update releases contain general and critical image profiles. Application of the general release image profile applies to new bug fixes.

Image Profile Name
ESXi-6.7.0-20220104001-standard
ESXi-6.7.0-20220104001-no-tools

For more information about the individual bulletins, see the Product Patches page and the Resolved Issues section.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is by using the VMware vSphere Update Manager. For details, see the About Installing and Administering VMware vSphere Update Manager.
ESXi hosts can be updated by manually downloading the patch ZIP file from VMware Customer Connect. From the Select a Product drop-down menu, select ESXi (Embedded and Installable) and from the Select a Version drop-down menu, select 6.7.0. Install VIBs by using the esxcli software vib update command. Additionally, you can update the system by using the image profile and the esxcli software profile update command.

For more information, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.

Resolved Issues

The resolved issues are grouped as follows.

ESXi670-202201401-BG
Patch Category Bugfix
Patch Severity Important
Host Reboot Required Yes
Virtual Machine Migration or Shutdown Required Yes
Affected Hardware N/A
Affected Software N/A
VIBs Included
  • VMware_bootbank_esx-update_6.7.0-3.163.19195723
  • VMware_bootbank_vsan_6.7.0-3.163.19184739
  • VMware_bootbank_vsanhealth_6.7.0-3.163.19184740
  • VMware_bootbank_esx-base_6.7.0-3.163.19195723
PRs Fixed  2894555, 2885639
CVE numbers N/A

Updates esx-base, esx-update, vsan, and vsanhealth VIBs to resolve the following issues:

  • PR 2894555: Changes to disks configured as independent and nonpersistent do not last after a virtual machine reboot

    When you power off or reset a virtual machine, changes to disks in nonpersistent mode are not saved by default. However, the redo logs of virtual machines with disks in independent nonpersistent mode are not saved also when the VM reboots.

    This issue is resolved in this release. Using independent nonpersistent disks is not a good practice. For more information, see Virtual Machine Security Best Practices and Avoid Using Independent Nonpersistent Disks.

  • PR 2885639: You can connect to port 9080 by using restricted DES/3DES ciphers

    With the OPENSSL command openssl s_client -cipher <CIPHER> -connect localhost:9080 you can connect to port 9080 by using restricted DES/3DES ciphers. 

    This issue is resolved in this release. You cannot connect to port 9080 by using the following ciphers: DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, ECDHE-RSA-DES-CBC3-SHA, and AECDH-DES-CBC3-SHA.

ESXi-6.7.0-20220104001-standard
Profile Name ESXi-6.7.0-20220104001-standard
Build For build information, see Patches Contained in this Release.
Vendor VMware, Inc.
Release Date January 25, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-update_6.7.0-3.163.19195723
  • VMware_bootbank_vsan_6.7.0-3.163.19184739
  • VMware_bootbank_vsanhealth_6.7.0-3.163.19184740
  • VMware_bootbank_esx-base_6.7.0-3.163.19195723
PRs Fixed 2894555, 2885639
Related CVE numbers N/A
  • This patch updates the following issues:
    • When you power off or reset a virtual machine, changes to disks in nonpersistent mode are not saved by default. However, the redo logs of virtual machines with disks in independent nonpersistent mode are not saved also when the VM reboots.

    • With the OPENSSL command openssl s_client -cipher <CIPHER> -connect localhost:9080 you can connect to port 9080 by using restricted DES/3DES ciphers. 

ESXi-6.7.0-20220104001-no-tools
Profile Name ESXi-6.7.0-20220104001-no-tools
Build For build information, see Patches Contained in this Release.
Vendor VMware, Inc.
Release Date January 25, 2022
Acceptance Level PartnerSupported
Affected Hardware N/A
Affected Software N/A
Affected VIBs
  • VMware_bootbank_esx-update_6.7.0-3.163.19195723
  • VMware_bootbank_vsan_6.7.0-3.163.19184739
  • VMware_bootbank_vsanhealth_6.7.0-3.163.19184740
  • VMware_bootbank_esx-base_6.7.0-3.163.19195723
PRs Fixed 2894555, 2885639
Related CVE numbers N/A
  • This patch updates the following issues:
    • When you power off or reset a virtual machine, changes to disks in nonpersistent mode are not saved by default. However, the redo logs of virtual machines with disks in independent nonpersistent mode are not saved also when the VM reboots.

    • With the OPENSSL command openssl s_client -cipher <CIPHER> -connect localhost:9080 you can connect to port 9080 by using restricted DES/3DES ciphers. 

Known Issues from Prior Releases

To view a list of previous known issues, click here.

check-circle-line exclamation-circle-line close-line
Scroll to top icon