VMware ESXi 5.1, Patch ESXi510-201605101-SG: Updates esx-base
search cancel

VMware ESXi 5.1, Patch ESXi510-201605101-SG: Updates esx-base

book

Article ID: 337517

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction


Release date: May 24, 2016

Patch CategorySecurity
Patch SeverityImportant
BuildFor build information, see KB 2141429.
Host Reboot RequiredYes
Virtual Machine Migration or Shutdown RequiredYes
Affected HardwareN/A
Affected SoftwareN/A
VIBs IncludedVMware:esx-base:5.1.0-3.82.3872638
PRs Fixed1353034, 1379675, 1456250 , 1456251, 1456889, 1462126,
1540335, 1540512, 1561037, 1565193, 1567164,1643887
Related CVE numbersN/A


Environment

VMware vSphere ESXi 5.1

Resolution

Summaries and Symptoms

This patch updates the following issues:

  • Support for SSLv3 protocol is enabled by default and is configurable.

    Note: To disable SSLv3 in your vSphere environment, you need to update ESXi to ESXi 5.1 patch [3872664] released on 05/24/2016 and update vCenter Server to vCenter Server 5.1 Update 3d first and then manually disable SSLv3 through configuration settings, for more information, see KB 2139396.

    ESXi hosts updated to ESXi 5.1 patch [3872664] released on 05/24/2016 can be managed by older vCenter Server only if SSLv3 is not disabled in ESXi hosts.

    VMware highly recommends you to update ESXi hosts to ESXi 5.1 patch [3872664] while managing them from vCenter Server 5.1 Update 3d.

    The following products might not work if SSLv3 is disabled in vSphere 5.1 environment:

    • Site Recovery Manager
    • Big Data Extensions
    For more information on products eligible for SSLv3 disablement with vSphere 5.1, see KB 2145484.


  • The Python third-party library is updated to version 2.7.9.
  • The ESXi userworld libxml2 library is updated to version 2.9.2.
  • When you start the Autodeploy service to deploy certificates, outdated SHA1 signature might be used.
  • The OpenSSH is updated to version OpenSSH 7.1p1 Open SSH is updated to version 7.1.
  • The ESXi OpenSSL library is updated to version openssl0.98.

Patch Download and Installation

The typical way to apply patches to ESXi hosts is through the VMware Update Manager. For details, see the Installing and Administering VMware vSphere Update Manager. ESXi hosts can also be updated by manually downloading the patch ZIP file from the Patch Manager Download Portal and installing the VIB by using the esxcli software vib command.