| New User, Welcome! Login |
Next Page >>
patched
- - -------------------------------------------------------------------
1. Summary:
Updated versions of all supported hosted products and all ESX 2x
products and patches for ESX 30x address critical security updates.
Service Console security updates for samba, bind, krb5, vixie-cron,
shadow-utils, openldap, pam, gcc, and gdb packages.
2. Relevant releases:
- -----------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2009-0016
Synopsis: VMware vCenter and ESX update release and vMA patch
release address multiple security issue in third
party components
Issue date: 2009-11-20
Updated on: 2009-11-20 (initial release of advisory)
CVE numbers: --- JRE ---
- -------------------------------------------------------------------
1. Summary:
Several critical security vulnerabilities have been addressed
in patches in ESX and in the newest releases of VMware's hosted
product line.
2. Relevant releases:
VMware Workstation 6.0.3 and earlier,
VMware Player 1.0.7 and earlier,
VMware ACE 2.0.4 and earlier,
VMware ACE 1.0.6 and earlier,
VMware Server 1.0.6 and earlier,
VMware ESX 3.0.3 without patches ESX303-200808404-SG, ESX303-200808403-SG
ESX303-200808406-SG.
VMware ESX 3.0.2 without patches ESX-1005109, ESX-1005113,
ESX-1005114.
vCenter Server 4.1 without Update 1,
vCenter Update Manager 4.1 without Update 1,
ESXi 4.1 without patch ESXi410-201101201-SG,
ESX 4.1 without patch ESX410-201101201-SG.
3. Problem Description
device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl,
bind, expat, openssh, ntp and kernel packages.
2. Relevant releases
VMware ESX 4.0.0 without patch ESX400-201002404-SG, ESX400-201002407-SG,
ESX400-201002406-SG
VMware vMA 4.0 before patch 3
3. Problem Description
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01579861
Version: 1
HPSBST02379 SSRT080143 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-056 to MS08-066
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-10-20
Last Updated: 2008-10-20
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01530663
Version: 1
HPSBST02360 SSRT080117 rev.2 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-041 to MS08-051
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-08-18
Last Updated: 2008-08-18
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01372284
Version: 1
HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-003 to MS08-013
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-02-20
Last Updated: 2008-02-20
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01372284
Version: 1
HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-003 to MS08-013
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-02-20
Last Updated: 2008-02-20
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following software patch kits to resolve the vulnerability.
The patch kits can be downloaded from http://support.openview.hp.com/selfsolve/patches by searching for 'select identity connectors' or the Patch Document ID.
HP OpenView Select Identity Connector - BiDir ActiveDir Connector
Affected Software Version - v 1.70.003 and earlier
===============================================
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has provided the following software patch kits to resolve the vulnerability.
The patch kits can be downloaded from http://support.openview.hp.com/selfsolve/patches by searching for 'select identity connectors' or the Patch Document ID.
HP OpenView Select Identity Connector - BiDir ActiveDir Connector
Affected Software Version - v 1.70.003 and earlier
SUPPORT COMMUNICATION - SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01143196
Version: 1
HPSBST02255 SSRT071456 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-042 to MS07-050
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-08-20
Last Updated: 2007-08-20
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01433452
Version: 1
HPSBST02329 SSRT080048 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-018 to MS08-025
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-04-15
Last Updated: 2008-04-15
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01632189
Version: 1
HPSBST02394 SSRT080183 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-070 to MS08-077
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-12-17
Last Updated: 2008-12-17
ESXi update for ntp and ESX Console OS (COS) updates for COS
kernel, openssl, krb5, gcc, bind, gzip, sudo.
2. Relevant releases
VMware ESX 4.0.0 without patches ESX400-201005401-SG,
ESX400-201005406-SG, ESX400-201005408-SG, ESX400-201005407-SG,
ESX400-201005405-SG, ESX400-201005409-SG
3. Problem Description
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01302412
Version: 1
HPSBST02299 SSRT071506 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-063 to MS07-069
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-12-17
Last Updated: 2007-12-17
RESOLUTION
HP has made the following procedure available to resolve the vulnerability.
Note: The resolution is contained in the archive files listed below. Before an archive file is applied a patch may be required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53.
1. Install the appropriate patch listed in the table below. The patches are available from http://itrc.hp.com
2. Download the appropriate archive file listed in the table below. The archive files are available here:
ftp://ss080024:ss080024@hprc.external.hp.com/
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01482941
Version: 1
HPSBST02344 SSRT080087 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS08-030 to MS08-036
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-06-17
Last Updated: 2008-06-17
- -------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2010-0007
Synopsis: VMware hosted products, vCenter Server and ESX
patches resolve multiple security issues
Issue date: 2010-04-09
Updated on: 2010-04-09 (initial release of advisory)
CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042
CVE-2009-1564 CVE-2009-1565 CVE-2009-3732
CVE-2009-3707 CVE-2010-1138 CVE-2010-1139
- -------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2010-0007
Synopsis: VMware hosted products, vCenter Server and ESX
patches resolve multiple security issues
Issue date: 2010-04-09
Updated on: 2010-04-09 (initial release of advisory)
CVE numbers: CVE-2010-1142 CVE-2010-1140 CVE-2009-2042
CVE-2009-1564 CVE-2009-1565 CVE-2009-3732
CVE-2009-3707 CVE-2010-1138 CVE-2010-1139
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made archive files and patches available to resolve the vulnerability. The archive files are listed in the table below. In some cases a patch is required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53
The patches are available from http://itrc.hp.com
The archive files are available from: ftp://ss080033:s080033@hprc.external.hp.com/
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00727143
Version: 9
HPSBMA02133 SSRT061201 rev.9 - HP Oracle for OpenView (OfO) Critical Patch Update
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2006-07-19
Last Updated: 2008-07-15
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks Liu Zhen Hua of FortiGuard Global Security Research Team for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made archive files and patches available to resolve the vulnerability. The archive files are listed in the table below. In some cases a patch is required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53
Note: The files installed for the Resolution in "rev.1" of this Security bulletin must be removed. Instructions for removing the files are in the Readme.txt file. The files recommended in "rev.1" of this Security Bulletin introduced a problem with the 'ovstop -c' command. Under certain circumstances the 'ovstop -c' command would not stop certain NNM processes. The files recommended in "rev.1" of this Security Bulletin do resolve the security vulnerability.
The patches are available from http://itrc.hp.com
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01208742
Version: 1
HPSBST02280 SSRT071480 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-055 to MS07-060
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2007-10-15
Last Updated: 2007-10-15
this IS NOT a plot to sell more Win7. Granted the marketing folks spun
this bulletin WAY WAY TOO much. It is what it is. I do believe the
architecture in XP just isn't there. It's a 10 year old platform that
sometimes you can't bolt on this stuff afterwards. Even in Vista, it's
not truly fixing the issue, merely making the system more resilient to
attacks. Read the fine print in the patch.. it's just making the system
kill a session and recover better.
I am not a fan of third party because you bring yourself outside the
support window of the product.
>> IS NOT a plot to sell more Win7. Granted the marketing folks spun
>> this bulletin WAY WAY TOO much. It is what it is. I do believe the
>> architecture in XP just isn't there. It's a 10 year old platform
>> that sometimes you can't bolt on this stuff afterwards. Even in
>> Vista, it's not truly fixing the issue, merely making the system more
>> resilient to attacks. Read the fine print in the patch.. it's just
>> making the system kill a session and recover better.
>>
>> I am not a fan of third party because you bring yourself outside the
>> support window of the product.
>>
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
ESX350-201008407-SG, ESX350-201008410-SG, ESX350-201008411-SG,
ESX350-201008412-SG.
Notes:
Effective May 2010, VMware's patch and update release program during
ESX 3.5 Console OS (COS) updates for COS packages perl, krb5, samba,
tar, and cpio.
2. Relevant releases
VMware ESX 3.5 without patches ESX350-201008405-SG,
ESX350-201008407-SG, ESX350-201008410-SG, ESX350-201008411-SG,
ESX350-201008412-SG.
Notes:
Effective May 2010, VMware's patch and update release program during
- ------------------------------------------------------------------------
VMware Security Advisory
Advisory ID: VMSA-2008-0016
Synopsis: VMware Hosted products, VirtualCenter Update 3 and
patches for ESX and ESXi resolve multiple security issues
Issue date: 2008-10-03
Updated on: 2008-10-03 (initial release of advisory)
CVE numbers: CVE-2008-4279 CVE-2008-4278 CVE-2008-3103
CVE-2008-3104 CVE-2008-3105 CVE-2008-3106
CVE-2008-3107 CVE-2008-3108 CVE-2008-3109
Next Page>>
|
|
|
