This document tracks the release of the monthly patches to the Photon Operating System bundled in the VMware vCenter Server Appliance.
You can download the deliverables from the Product Patches page after you log in to VMware Customer Connect.
Installation Steps
To apply the Photon OS security patches to the vCenter Server Appliance, you can use one of the methods.
-
Deploy a new vCenter Server Appliance by using either the GUI or the CLI installer.
For information about doing a fresh install of the vCenter Server Appliance, see Deploying the vCenter Server Appliance and Platform Services Controller Appliance.
-
Upgrade to the version of the vCenter Server Appliance containing the latest Photon OS security patches by using either the GUI or the CLI installer.
For information about upgrading the vCenter Server Appliance, see Upgrading the vCenter Server Appliance and Platform Services Controller Appliance.
-
Patch the appliance either by using the appliance shell or the Appliance Management Interface.
IMPORTANT: You can update the vCenter Server Appliance with Photon OS patches released within one and the same Update release. Currently, you can patch the appliance with Photon OS patches only if you have updated the vCenter Server Appliance to 6.7 Update 3.
If you try to update the vCenter Server Appliance directly from an unsupported base version of 6.7 to the current Photon OS patch version, by using the vCenter Server Appliance Management Interface, you see a message No applicable update found. This is expected. You must first update the vCenter Server Appliance to version 6.7 Update 3 and then apply the selected Photon OS patch to the appliance.
For information on patching the vCenter Server Appliance, see Patching the vCenter Server Appliance.
-
Perform a file-based backup and restore where in the restore process you deploy a new appliance containing the latest Photon OS security patches.
For information performing a file-based backup and restore of the vCenter Server Appliance, see File-Based Backup and Restore of vCenter Server Appliance.
-
Migrate a vCenter Server on Windows instance to a version of the vCenter Server Appliance containing the latest Photon OS security patches.
For information about performing a migration of vCenter Server on Windows to vCenter Server Appliance, see Migrating vCenter Server for Windows to vCenter Server Appliance.
Upgrade Notes
Upgrades from vCenter Server 6.7 Update 1a to 6.7 Update 2a, 6.7 Update 2c, and 6.7 Update 3 are not supported. You must first upgrade to vCenter Server 6.7 Update 1b or 6.7 Update 2, and then patch your system to 6.7 Update 2a, 6.7 Update 2c, or 6.7 Update 3.
Important: Upgrades and migrations from vCenter Server 6.5 Update 3k to vCenter Server 6.7 Update 3i are not supported. For more information on vCenter Server supported upgrade and migration paths, please refer to VMware knowledge base article 67077.
For patches to VMware vCenter Server 6.7 Update 3p or later from vCenter Server Appliance Photon OS 6.7 Update 3c, 6.7 Update 3d, 6.7 Update 3e, 6.7 Update 3h, 6.7 Update 3i, 6.7 Update 3k, you must first update to VMware vCenter Server 6.7 Update 3o.
vCenter Server Appliance Photon OS Security Patches
vSphere 6.7.0 updates
| Release Date |
Build Number |
Patch Name |
Affected Package |
New Package Versions |
CVEs Addressed |
|---|---|---|---|---|---|
| 28 June 2018 | 8832884 | 6.7.0b (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
ncurses | 6.0-8 | |
| wget | 1.18-3 | ||||
| httpd | 2.4.33-1 | ||||
| librelp | 1.2.9-3 | ||||
| ruby | 2.4.4-1 | ||||
| rsync | 3.1.3-1 | ||||
| procmail | 3.22-4 | ||||
| shadow | 4.2.1-12 | ||||
| libgcrypt | 1.7.6-3 | ||||
| dnsmasq | 2.76-5 |
vSphere 6.7 Update 1
| Release Date |
Build Number |
Patch Name |
Affected Package |
New Package Versions |
CVEs Addressed |
|---|---|---|---|---|---|
| 16 October 2018 | 10244745 | 6.7 U1 (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
procps-ng | 3.3.15-1 | |
| linux | 4.4.152-1 |
||||
| pcre | 8.41-2 | ||||
| ntp | 4.2.8p11-1 | ||||
| ncurses | 6.0-9 | ||||
| curl | 7.59.0-2 | ||||
| paramiko | 1.17.6-1 | ||||
| glibc | 2.22-21 | ||||
| libmspack | 0.5alpha-3 | ||||
| xerces-c | 3.2.1-1 | ||||
| 20 December 2018 | 11338176 | 6.7 U1a (Security fixes for Photon OS) |
rpm | 4.13.0.2-1 | |
| elfutils | 0.169-2 | ||||
| libxml2 | 2.9.8-2 | ||||
| systemd | 228-48 | ||||
| httpd | 2.4.34-1 | ||||
| linux | 4.4.161-1 | ||||
| patch | 2.7.5-5 |
vSphere 6.7 Update 2
| Release Date |
Build Number |
Patch Name |
Affected Package |
New Package Versions |
CVEs Addressed |
|---|---|---|---|---|---|
| 11 April 2019 | 13010631 |
6.7 U2 (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
systemd | 228-50 | |
| linux | 4.4.171-1 |
||||
| ruby rubygem-libxml-ruby |
2.5.3-1 3.0.0-3 |
||||
| paramiko | 1.17.6-2 | ||||
| fuse | 2.9.5-3 | ||||
| python2 | 2.7.15-3 | ||||
| curl | 7.59.0-5 | ||||
| apache-tomcat | 8.5.35-1 | ||||
| libmspack | 0.5alpha-5 | ||||
| libgcrypt | 1.7.6-4 | ||||
| krb5 |
1.16-2 | CVE-2018-5730 | |||
| shadow |
4.2.1-13 | CVE-2018-7169 | |||
| file |
5.24-3 | CVE-2018-10360 | |||
| postgresql | 9.6.10-1 | ||||
| libtirpc |
1.0.1-5 | CVE-2018-14621 | |||
| glibc |
2.22-22 | CVE-2017-15671 | |||
| pkg-config | 0.28-3 | ||||
| 30 May 2019 | 13843380 | 6.7 U2b (Security fixes for Photon OS) |
systemd |
228-52 | CVE-2018-6954 |
| linux |
4.4.177-1 | CVE-2019-7221 | |||
| libxslt |
1.1.29-5 | CVE-2019-11068 | |||
| gnutls |
3.5.15-4 | CVE-2019-3829 | |||
| 16 July 2019 | 14070457 | 6.7 U2c (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
httpd | 2.4.39-1 | |
| wget | 1.20.3-1 | ||||
|
linux |
4.4.182-1 |
vSphere 6.7 Update 3
| Release Date |
Build Number |
Patch Name |
Affected Package |
New Package Versions |
CVEs Addressed |
|---|---|---|---|---|---|
| 20 August 2019 |
14367737 |
6.7 U3 (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
perl |
5.24.1-2 |
|
| openssl |
1.0.2o-3 |
||||
| glib |
2.47.6-3 |
||||
| python2 |
2.7.15-5 |
||||
| PyYAML |
3.12-3 |
||||
| python- requests |
2.13.0-2 |
||||
| gettext |
0.19.5.1-4 |
||||
| sqlite - autoconf |
3.27.2-1 |
||||
| systemd |
228-53 |
||||
| tar |
1.29-2 |
||||
| linux |
4.4.182-1 |
||||
| 24 October 2019 |
14836122 |
6.7 U3a (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
bzip2 |
1.0.6-7 |
|
| patch |
2.7.5-6 |
||||
| expat |
2.2.4-2 |
||||
| libmspack |
0.7.1alpha-2 |
||||
| linux |
4.4.191-1 |
||||
| unzip |
6.0-11 |
||||
| libxslt |
1.1.29-6 |
||||
| 05 December 2019 |
15132721 |
6.7 U3b (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
bash
|
4.3.48-4 |
|
|
sqlite-autoconf
|
3.27.2-2 |
||||
|
linux
|
4.4.180-1 |
||||
|
glib
|
2.58.3-1 |
||||
|
curl
|
7.59.0-8 |
||||
|
vim
|
7.4-12 |
||||
|
python3
|
3.5.6-7 |
||||
|
postgresql
|
9.6.14-1 |
||||
|
sudo
|
1.8.20p2-2 |
||||
| 30 January 2020 |
15505668 |
6.7 U3c (Security fixes for Photon OS) |
dhcp |
4.3.5-5 |
|
| libxslt |
1.1.29-7 |
||||
| tcpdump |
4.9.3-1 |
||||
| 27 February 2020 |
15679281 |
6.7 U3d (Security fixes for Photon OS) |
libxslt |
1.1.29-8 |
|
| sysstat |
12.2.0-1 |
||||
| 26 March 2020 |
15808844 |
6.7 U3e (Security fixes for Photon OS) |
libsolv |
0.6.19-7 |
|
| xerces-c |
3.2.2-1 |
||||
| libxml2 |
2.9.10-2 |
||||
| cpio |
2.12-3 |
||||
| 28 April 2020 |
16046470 |
6.7 U3g (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
httpd |
2.4.41-1 |
|
| python3 |
3.5.6-13 |
||||
| python2 |
2.7.15-13 |
||||
| linux |
4.4.213-2 |
||||
| tar |
1.29-4 |
||||
| libpcap |
1.9.1-1 |
||||
| file |
5.24-4 |
||||
| curl |
7.59.0-9 |
||||
| ruby |
2.5.7-1 |
||||
| sqlite-autoconf |
3.31.1-1 |
||||
| sudo |
1.8.30-1 |
||||
| dbus |
1.13.6-2 |
||||
| 28 May 2020 |
16275304 |
6.7 U3h (Security fixes for Photon OS) |
unzip |
6.0-12 |
|
| gdb |
7.8.2-10 |
||||
| 30 July 2020 |
16616482 |
6.7 U3i (Security fixes for Photon OS) |
vim |
7.4-13 |
|
|
20 August 2020
|
16708996 |
6.7 U3j (Security fixes for Photon OS are listed here. For details on other fixes, click here)
|
ncurses |
6.0-10 |
|
| cyrus-sasl |
2.1.26-12 |
||||
| file |
5.38-1 |
||||
| linux |
4.4.224-1 |
||||
| ntp |
4.2.8p14-1 |
||||
| openldap |
2.4.43-4 |
||||
| ruby |
2.5.8-1 |
||||
| glibc |
2.22-29 |
||||
| json-c |
0.13.1-1 |
||||
|
sqlite-autoconf
|
3.32.1-1
|
||||
| expat |
2.2.9-1 |
||||
| openssh |
7.4p1-12 |
||||
| systemd |
228-59
|
||||
| httpd |
2.4.43-1 |
||||
| PyYAML |
3.12-5 |
||||
| perl |
5.24.1-6 |
||||
| 22 October 2020 |
17028579 |
6.7 U3k (Security fixes for Photon OS) |
libxml2 |
2.9.10-3 |
|
| 19 November 2020 |
17138064 |
6.7 U3l (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
bindutils |
9.16.6-1 |
|
| cifs-utils |
6.4-3 |
||||
| gnutls |
3.5.15-5 |
||||
| postgresql |
9.6.19-1 |
||||
| linux |
4.4.234-5 |
||||
| grub2 |
2.04-1 |
||||
| httpd |
2.4.46-1 |
||||
| linux-esx |
4.4.234-5 |
||||
| net-snmp |
5.7.3-11 |
||||
| python2 |
2.7.15-17 |
||||
| python3 |
3.5.6-16 |
||||
| python-Twisted |
17.1.0-9 |
||||
| sqlite-autoconf |
3.32.1-2 |
||||
| 18 March 2021
|
17713310
|
6.7 U3m (Security fixes for Photon OS are listed here. For details on other fixes, click here)
|
atftp |
0.7.1-10.ph1 |
|
| curl |
7.59.0-12.ph1 |
||||
| dnsmasq |
2.82-1.ph1 |
CVE-2020-25681 |
|||
| glib |
2.58.3-2.ph1 |
||||
| glibc |
2.22-32.ph1 |
||||
| linux |
4.4.250-1.ph1 |
||||
| openldap |
2.4.43-5.ph1 |
||||
| openssl |
1.0.2x-2.ph1 |
||||
| postgresql |
9.6.20-1.ph1 |
||||
| postgresql-libs |
9.6.20-1.ph1 |
||||
| python3 |
3.5.6-18.ph1 |
||||
| python3-devel |
3.5.6-18.ph1 |
||||
| python3-libs |
3.5.6-18.ph1 |
||||
| ruby |
2.5.8-2.ph1 |
||||
| sudo |
1.9.5-2.ph1 |
||||
| tcpdump |
4.9.3-2.ph1 |
||||
| 23 November 2021 |
18831133 |
6.7 U3p (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
util-linux |
2.27.1-7.ph1 |
|
| curl |
7.78.0-2.ph1 |
||||
| httpd |
2.4.48-2.ph1 |
||||
| cpio |
2.13-1.ph1 |
||||
|
14 June 2022
|
19832974
|
6.7 U3r (Security fixes for Photon OS are listed here. For details on other fixes, click here)
|
atftp |
0.7.1-11 |
|
| bindutils |
9.16.22-1 |
||||
| expat |
2.2.9-8 |
||||
| glibc |
2.22-39 |
||||
| httpd |
2.4.53-1 |
||||
| libgcrypt |
1.7.6-8 |
||||
| libxml2 |
2.9.11-3 |
||||
| linux |
4.4.302-1 |
||||
| ncurses |
6.0-11 |
||||
| nss |
3.44-5 |
||||
| openssh |
7.4p1-13 |
||||
| python3-urllib3 |
3-1.26.6-1 |
||||
| python3-Pygments |
2.9.0-1 |
||||
| runc |
1.0.0.rc93-5 |
||||
| 6th October 2022 | 20540798 | 6.7 U3s (Security fixes for Photon OS are listed here. For details on other fixes, click here) |
httpd | 2.4.54-1 | |
| linux | 4.4.302-2 | CVE-2022-1998 CVE-2022-32296 CVE-2022-1943 CV-2022-1966 CVE-2022-1789 CVE-2022-1786 CVE-2022-1678 CVE-2022-29581 CVE-2022-1734 CVE-2022-30594 CVE-2021-6401 CVE-2022-29968 CVE-2022-29582 CVE-2022-20008 CVE-2022-28796 CVE-2022-1419 CVE-2022-1353 CVE-2022-2889 CVE-2022-1280 CVE-2021-0707 CVE-2022-28356 CVE-2021-33061 CVE-2021-39714 CVE-2022-1015 CVE-2022-0494 CVE-022-0854 CVE-2022-0742 CVE-2021-39711 CVE-2022-1011 CVE-2022-0995 CVE-2021-4023 CVE-2022-23960 CVE-2022-2342 CVE-2022-23041 CVE-2022-23040 CVE-2022-23039 CVE-2022-23038 CVE-2022-23037 CVE-2022-23036 CVE-2022-0500 CVE-2021-39713 CVE-2022-0002 CVE-2022-0001 CVE-2022-24448 CVE-2021-4148 CVE-2021-4197 CVE-2021-4150 CVE-221-4149 CVE-2021-39633 CVE-2021-39636 CVE-2021-39656 CVE-2021-39648 CVE-2021-33098 CVE-2021-0941 CVE-2021-0317 CVE-2021-35477 CVE-2021-34556 CVE-2020-26145 CVE-2020-26141 CVE-2021-29155 CVE-2021-28951 CVE-2020-1264 CVE-2020-12363 CVE-2015-1350 CVE-2020-8832 CVE-2015-2877 |
|||
| openldap | 2.4.57-3 | ||||
| audit | 2.5.2-3 | CVE-2022-24921 | |||
| bindutils | 9.16.27-1 | CVE-2021-45078 |
