{"id":23687,"date":"2018-02-21T09:00:09","date_gmt":"2018-02-21T08:00:09","guid":{"rendered":"https:\/\/nolabnoparty.com\/?p=23687"},"modified":"2023-07-16T11:27:57","modified_gmt":"2023-07-16T09:27:57","slug":"vmware-new-security-patch-vcenter-server-6-5-u1f","status":"publish","type":"post","link":"https:\/\/nolabnoparty.com\/en\/vmware-new-security-patch-vcenter-server-6-5-u1f\/","title":{"rendered":"VMware new security patch vCenter Server 6.5 U1f"},"content":{"rendered":"<p><img decoding=\"async\" class=\"aligncenter wp-image-23698 size-full\" title=\"vmware-new-security-patch-vcenter-server-65u1f-01\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-01.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-01\" width=\"602\" height=\"202\" \/><\/p>\n<p>VMware released a new security patch for the vCSA's operating system Photon - vCenter Server 6.5 U1f\u00a0build number <strong>7801515<\/strong>\u00a0- against two vulnerabilities related to <a href=\"https:\/\/nolabnoparty.com\/en\/runecast-analyzer-1-6-5-detects-meltdown-spectre-chip-issues\/\">Meltdown and Spectre<\/a> issues.<\/p>\n<p>The new patch vCenter Server 6.5 U1f fixes the <strong>bounds-check bypass<\/strong> (Spectre-1, CVE-2017-5753) and <strong>rogue data cache load<\/strong> issues (Meltdown, CVE-2017-5754). For\u00a0<strong>branch target injection<\/strong> vulnerability (Spectre-2, CVE-2017-5715) there is still no patch instead.<!--more--><\/p>\n<p>The <strong>updated packages<\/strong> are the following:<\/p>\n<ul>\n<li>linux 4.4.110-2<\/li>\n<li>libgcrypt 1.7.6-3<\/li>\n<li>c-ares 1.12.0-2<\/li>\n<li>ncurses 6.0-8<\/li>\n<li>libtasn1 4.12-1<\/li>\n<li>wget 1.18-3<\/li>\n<li>procmail 3.22-4<\/li>\n<li>rsync 3.1.2-4<\/li>\n<li>apr 1.5.2-7<\/li>\n<\/ul>\n<p>Also the VMware security advisory <a href=\"https:\/\/www.vmware.com\/security\/advisories\/VMSA-2018-0007.html\" target=\"_blank\" rel=\"noopener\">VMSA-2018-0007.1<\/a> has been updated with all virtual appliances updates for\u00a0<strong>Spectre and Meltdown\u00a0vulnerabilities<\/strong> and currently the only patches available are for <a href=\"https:\/\/nolabnoparty.com\/en\/vmware-vcsa-6-5-deployment-pt1\/\">vCenter Server Appliance<\/a>\u00a0(6.5 U1f) and for vSphere Integrated Containers (version 1.3.1).<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23699 size-full\" title=\"vmware-new-security-patch-vcenter-server-65u1f-02\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-02.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-02\" width=\"564\" height=\"688\" \/><\/p>\n<p>&nbsp;<\/p>\n<h2>Update to vCenter Server 6.5 U1f<\/h2>\n<p>To proceed with the update of the vCSA, you have to access the management console of the appliance by entering the correct credentials then click <strong>Login<\/strong>.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23700 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-03\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-03-600x545.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-03\" width=\"600\" height=\"545\" \/><\/p>\n<p>Navigate to <strong>Update<\/strong> area and click <strong>Check Updates &gt; Check Repository<\/strong> to check for new updates availability.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23704 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-04\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-04-600x322.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-04\" width=\"600\" height=\"322\" \/><\/p>\n<p>When the new update has been detected, click <strong>Install &gt; Install All Updates<\/strong> to proceed with the update.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23705 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-05\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-05-600x433.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-05\" width=\"600\" height=\"433\" \/><\/p>\n<p>Click <strong>Accept<\/strong> to accept the EULA.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23706 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-06\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-06-600x274.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-06\" width=\"600\" height=\"274\" \/><\/p>\n<p>Click <strong>Install<\/strong> to begin the installation.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23707 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-07\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-07-600x280.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-07\" width=\"600\" height=\"280\" \/><\/p>\n<p>The patch is being installed in the vCSA.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23708 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-08\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-08-600x319.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-08\" width=\"600\" height=\"319\" \/><\/p>\n<p>When the installation has completed successfully, click <strong>OK<\/strong> to reboot the appliance.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23709 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-09\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-09-600x319.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-09\" width=\"600\" height=\"319\" \/><\/p>\n<p>The appliance reboots to apply the changes.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23710 size-full\" title=\"vmware-new-security-patch-vcenter-server-65u1f-10\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-10.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-10\" width=\"302\" height=\"202\" \/><\/p>\n<p>After the vCSA reboot, the patching process is complete. Build number is now reported as <strong>7801515<\/strong>.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter wp-image-23711 size-large\" title=\"vmware-new-security-patch-vcenter-server-65u1f-11\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/2018\/02\/vmware-new-security-patch-vcenter-server-65u1f-11-600x378.jpg\" alt=\"vmware-new-security-patch-vcenter-server-65u1f-11\" width=\"600\" height=\"378\" \/><\/p>\n<p>The update is currently available from the repository only.<\/p>\n<p><img decoding=\"async\" title=\"signature\" src=\"https:\/\/nolabnoparty.com\/wp-content\/uploads\/images\/firma.jpg\" alt=\"signature\" \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>VMware released a new security patch for the vCSA's operating system Photon - vCenter Server 6.5 U1f\u00a0build number 7801515\u00a0- against two vulnerabilities related to Meltdown and Spectre issues. The new patch vCenter Server 6.5 U1f fixes the bounds-check bypass (Spectre-1, CVE-2017-5753) and rogue data cache load issues (Meltdown, CVE-2017-5754). For\u00a0branch target injection vulnerability (Spectre-2, CVE-2017-5715) there is still no patch instead.<\/p>\n","protected":false},"author":3,"featured_media":23698,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rop_custom_images_group":[],"rop_custom_messages_group":[],"rop_publish_now":"initial","rop_publish_now_accounts":{"linkedin_93tdZWzMZc_93tdZWzMZc":"","facebook_2879994398731222_17841400390232720":"","twitter_113568041_113568041":"","mastodon_115463926174894442_115463926174894442":""},"rop_publish_now_history":[],"rop_publish_now_status":"pending","footnotes":""},"categories":[903,2701],"tags":[1829,626,1830,1847],"class_list":["post-23687","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vmware-en","category-vsphere-en","tag-meltdown","tag-patch-en","tag-spectre","tag-vcenter-server-6-5u1f","has_thumb"],"_links":{"self":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/23687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/comments?post=23687"}],"version-history":[{"count":0,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/posts\/23687\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media\/23698"}],"wp:attachment":[{"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/media?parent=23687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/categories?post=23687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nolabnoparty.com\/en\/wp-json\/wp\/v2\/tags?post=23687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}