VMware vCenter Converter Standalone 5.5.3 Patch Release
search cancel

VMware vCenter Converter Standalone 5.5.3 Patch Release

book

Article ID: 340680

calendar_today

Updated On:

Products

VMware

Issue/Introduction

Released 9 OCT 2014 | Build 2183569 | vCenter Converter Standalone 5.5.2 Release Notes

  • A critical security vulnerability in the Bash shell, also referred to as Shellshock, has been identified. Exploitation of this issue might lead to remote code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278 to this issue.

    During Linux P2V conversions, Converter Standalone is running a Helper VM at the destination location. The Helper VM of vCenter Converter Standalone 5.5.2 might use the Bash shell which is part of the Linux operating system. In case the operating system has a vulnerable version of Bash, the Bash security vulnerability might be exploited through the helper VM.

    The vCenter Converter Standalone 5.5.3 release fixes the Bash shell vulnerability.

  • The VMware vCenter Converter Standalone 5.5.3 release provides an update to OpenSSL library, which addresses multiple security issues. The OpenSSL library is updated to version openssl-0.9.8zb to address CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, and CVE-2014-3510.


Environment

VMware vCenter Converter Standalone 5.5.x

Resolution

If you are running vCenter Converter Standalone 5.5.2, upgrade to vCenter Converter Standalone 5.5.3

Note: Task history and other application data are not preserved during the upgrade.

  1. Log in to Customer Connect and download the installation package for vCenter Converter Standalone 5.5.3 from the following location: https://customerconnect.vmware.com/downloads/info/slug/infrastructure_operations_management/vmware_vcenter_converter_standalone/5_5.
  2. Run the installer and follow the on-screen prompts to complete the upgrade operation.

Additional Information

For translated versions of this article, see: