[Security-announce] UPDATED: VMSA-2012-0001.2 VMware ESXi and ESX updates to third party library and ESX Service Console

VMware Security Announcements security-announce at lists.vmware.com
Thu Mar 29 18:59:22 PDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 ----------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID: VMSA-2012-0001.2
Synopsis:    VMware ESXi and ESX updates to third party library
             and ESX Service Console
Issue date:  2012-01-30
Updated on:  2012-03-29
CVE numbers: --- COS Kernel ---
             CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
             CVE-2011-1080, CVE-2011-1093, CVE-2011-1163,
             CVE-2011-1166, CVE-2011-1170, CVE-2011-1171,
             CVE-2011-1172, CVE-2011-1494, CVE-2011-1495,
             CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
             CVE-2011-0695, CVE-2011-0711, CVE-2011-1044,
             CVE-2011-1182, CVE-2011-1573, CVE-2011-1576,
             CVE-2011-1593, CVE-2011-1745, CVE-2011-1746,
             CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
             CVE-2011-2213, CVE-2011-2492, CVE-2011-1780,
             CVE-2011-2525, CVE-2011-2689, CVE-2011-2482,
             CVE-2011-2491, CVE-2011-2495, CVE-2011-2517,
             CVE-2011-2519, CVE-2011-2901
             --- COS cURL ---
             CVE-2011-2192
             --- COS rpm ---
             CVE-2010-2059, CVE-2011-3378
             --- COS samba ---
             CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
             CVE-2011-2522, CVE-2011-2694
             --- COS python ---
             CVE-2009-3720, CVE-2010-3493, CVE-2011-1015,
             CVE-2011-1521
             --- python library ---
             CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
             CVE-2010-2089, CVE-2011-1521
 ----------------------------------------------------------------------

1. Summary

   VMware ESXi and ESX updates to third party library and ESX Service
   Console address several security issues.

2. Relevant releases

   ESXi 5.0 without patch ESXi500-201203101-SG

   ESXi 4.1 without patch ESXi410-201201401-SG

   ESXi 4.0 without patch ESXi400-201203401-SG

   ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,
                           ESX410-201201404-SG, ESX410-201201405-SG,
                           ESX410-201201406-SG, ESX410-201201407-SG

   ESX 4.0 without patches ESX400-201203401-SG, ESX400-201203402-SG,
                           ESX400-201203403-SG, ESX400-201203404-SG,
                           ESX400-201203405-SG

3. Problem Description

   a. ESX third party update for Service Console kernel
  
      The ESX Service Console Operating System (COS) kernel is updated to
      kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the
      COS kernel.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
      CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,
      CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,
      CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
      CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,
      CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,
      CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
      CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,
      CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,
      CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201401-SG
      ESX            4.0       ESX      see VMSA-2012-0006
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
   b. ESX third party update for Service Console cURL RPM
  
      The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9
      resolving a security issues.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the name CVE-2011-2192 to this issue.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201402-SG
      ESX            4.0       ESX      ESX400-201203403-SG
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
   c. ESX third party update for Service Console nspr and nss RPMs
  
      The ESX Service Console (COS) nspr and nss RPMs are updated to
      nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving
      a security issues.
  
      A Certificate Authority (CA) issued fraudulent SSL certificates and
      Netscape Portable Runtime (NSPR) and Network Security Services (NSS)
      contain the built-in tokens of this fraudulent Certificate
      Authority. This update renders all SSL certificates signed by the
      fraudulent CA as untrusted for all uses.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201404-SG
      ESX            4.0       ESX      ESX400-201203401-SG
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
   d. ESX third party update for Service Console rpm RPMs
  
      The ESX Service Console Operating System (COS) rpm packages are
      updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,
      rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2
      which fixes multiple security issues.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the names CVE-2010-2059 and CVE-2011-3378 to these
      issues.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201406-SG
      ESX            4.0       ESX      ESX400-201203405-SG **
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
      ** In ESX 4.0, CVE-2010-2059 was addressed in patch
         ESX400-201103406-SG and disclosed in VMSA-2011-0004.
         CVE-2011-3378 is addressed in patch ESX400-201203405-SG.
  
   e. ESX third party update for Service Console samba RPMs
  
      The ESX Service Console Operating System (COS) samba packages are
      updated to samba-client-3.0.33-3.29.el5_7.4,
      samba-common-3.0.33-3.29.el5_7.4 and
      libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
      issues in the Samba client.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
      CVE-2011-2522 and CVE-2011-2694 to these issues.
  
      Note that ESX does not include the Samba Web Administration Tool
      (SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and
      CVE-2011-2694.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201407-SG
      ESX            4.0       ESX      ESX400-201203404-SG
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
   f. ESX third party update for Service Console python package
  
      The ESX Service Console (COS) python package is updated to
      2.4.3-44 which fixes multiple security issues.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and
      CVE-2011-1521 to these issues.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           any       ESXi     not affected
  
      ESX            4.1       ESX      ESX410-201201405-SG
      ESX            4.0       ESX      ESX400-201203402-SG
      ESX            3.5       ESX      not applicable
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
   g. ESXi update to third party component python
  
      The python third party library is updated to python 2.5.6 which
      fixes multiple security issues.
  
      The Common Vulnerabilities and Exposures project (cve.mitre.org) has
      assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
      CVE-2010-2089, and CVE-2011-1521 to these issues.
  
      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is
      available.
  
      VMware         Product   Running  Replace with/
      Product        Version   on       Apply Patch
      =============  ========  =======  =================
      vCenter        any       Windows  not affected
  
      hosted *       any       any      not affected
  
      ESXi           5.0       ESXi     ESXi500-201203101-SG
      ESXi           4.1       ESXi     ESXi410-201201401-SG
      ESXi           4.0       ESXi     ESXi400-201203401-SG
      ESXi           3.5       ESXi     patch pending
  
      ESX            4.1       ESX      not affected
      ESX            4.0       ESX      not affected
      ESX            3.5       ESX      not affected
  
      * hosted products are VMware Workstation, Player, ACE, Fusion.
  
4. Solution

   Please review the patch/release notes for your product and version
   and verify the checksum of your downloaded file.

   VMware ESXi 5.0
   ---------------
   Filename: update-from-esxi5.0-5.0_update01.zip
   Build: 623860, 608089 (Security-only)
   md5sum: 55C25BD990E2881462BC5B66FB5F6C39
   sha1sum: ECD871BB09B649C6C8C13DE82D579D4B7DCADC88   
   KB: http://kb.vmware.com/kb/2010823

   update-from-esxi5.0-5.0_update01.zip contains ESXi500-201203101-SG

   VMware ESXi 4.1
   ---------------
   Filename: ESXi410-201201001.zip
   Build: 582267
   md5sum: BDF86F10A973346E26C9C2CD4C424E88
   sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F
   KB: http://kb.vmware.com/kb/2009137

   ESXi410-201201001 contains ESXi410-201201401-SG

   VMware ESXi 4.0
   ---------------
   Filename: ESXi400-201203001.zip
   Build: 660575
   md5sum: 8054B2E7C9CD024E492AC5C1FB9C1E72
   sha1sum: 6150FEE114D70603CCAE399F42B905A6B1A7F3E1
   KB: http://kb.vmware.com/kb/2011768

   ESXi400-201203001 contains ESXi400-201203401-SG

   VMware ESX 4.1
   --------------
   Filename: ESX410-201201001.zip
   Build: 582267
   md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F
   sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC
   KB: http://kb.vmware.com/kb/2009080

   ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG,
   ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and
   ESX410-201201407-SG

   VMware ESX 4.0
   --------------
   Filename: ESX400-201203001.zip
   Build: 660575
   md5sum: 02B7E883E8B438B83BF5E53A1BE71AD3
   sha1sum: 34734A8EDBA225A332731205EE2D6575AD9E1C88
   http://kb.vmware.com/kb/2011767

   ESX400-201203401 contains ESX400-201203401-SG, ESX400-201203402-SG,
   ESX400-201203403-SG, ESX400-201203404-SG, and ESX400-201203405-SG

5. References

   CVE numbers

   --- COS Kernel ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901
   --- COS cURL ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192
   --- COS rpm ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378
   --- COS samba ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694
   --- COS python ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521
   --- python library ---
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521

 ----------------------------------------------------------------------

6. Change log

   2012-01-30 VMSA-2012-0001
   Initial security advisory in conjunction with the release of patches
   for ESX 4.1 and ESXi 4.1 on 2012-01-30.

   2012-03-15 VMSA-2012-0001.1 
   Updated security advisory after the release of ESXi 5.0 patches on
   2012-03-15

   2012-03-29 VMSA-2012-0001.2
   Updated the Relevant Releases, Problem Description, and Solution
   sections to document the release of ESXi 4.0 and ESX 4.0 patches on
   2012-03-29.

 ----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
   
   This Security Advisory is posted to the following lists:
   
     * security-announce at lists.vmware.com
     * bugtraq at securityfocus.com
     * full-disclosure at lists.grok.org.uk
   
   E-mail:  security at vmware.com
   PGP key at: http://kb.vmware.com/kb/1055
   
   VMware Security Advisories
   http://www.vmware.com/security/advisories
   
   VMware security response policy
   http://www.vmware.com/support/policies/security_response.html
   
   General support life cycle policy
   http://www.vmware.com/support/policies/eos.html
   
   VMware Infrastructure support life cycle policy
   http://www.vmware.com/support/policies/eos_vi.html
   
   Copyright 2012 VMware Inc.  All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iEYEARECAAYFAk91ERMACgkQDEcm8Vbi9kMV8ACfW9HDxGbYP06qtJD2idPK/+Lx
gFoAoKL970Hvh1S4FCiHMndXIUX6ji8G
=ztBm
-----END PGP SIGNATURE-----



More information about the Security-announce mailing list