VMware released today a new security patch, vCenter Server 6.5 U1g, build number 8024368. This release contains few VMware software fixes, security fixes, and third-party product fixes. The new patch can already be downloaded from My VMware portal (VMware-VCSA-all-6.5.0-8024368.iso, 3.36 GB). Patch is also available through standard online repository.
Updated packages in vCSA (Photon OS):
- linux 4.4.115-1 (CVE-2018-5344)
- libtasn1 4.13-1 (CVE-2018-6003)
- dnsmasq 2.76-5 (CVE-2017-15107)
vCenter Server 6.5 U1g provides part of the hypervisor-assisted guest mitigation of CVE-2017-5715 for guest operating systems (Spectre-2 vulnerability). For more details on this mitigation, see VMware Security Advisory VMSA-2018-0004.3.
The patch also fixes an issue where in some cases the inclusion of an ESXi host into an empty Enhanced vMotion Compatibility (EVC) cluster would fail even though the host met the requirements.
How To Update To vCenter Server 6.5 U1g
Connect to the appliance management interface (port 5480) and check for available updates. In my case, you can see I’m running 188.8.131.5200 build number 7801515 (vCenter Server 6.5 U1f) and a new version is available.
Click “Install Updates”, then click “Install All Updates”. Accept End User License Agreement. Decide if you want to join Customer Experience Improvement Program and click “Install”. The installation begins:
After few minutes, the update will complete. Click OK to close the wizard and restart the appliance.
After reboot, I can see the new version listed: 184.108.40.20600 build number 8024368.
If you want to follow step by step instructions for updating vCenter Server using the GUI interface, you can read How to Update vCenter Server Appliance to 6.5 Update 1b. If you would rather use CLI to update vCSA, read How to Update vCenter Server Appliance to 6.5 Update 1d.
Happy patching 🙂