Details
Profile NameESXi-6.0.0-20180701001s-standardBuildFor build information, see KB 53627.VendorVMware, Inc.Release DateJuly 26, 2018Acceptance LevelPartnerSupportedAffected HardwareN/AAffected SoftwareN/AAffected VIBs
VMware_bootbank_esx-base_6.0.0-3.93.9239792VMware_bootbank_vsanhealth_6.0.0-3000000.3.0.3.93.7156164VMware_bootbank_vsan_6.0.0-3.93.7156163VMware_locker_tools-light_6.0.0-3.93.9239792VMware_bootbank_esx-ui_1.30.0-9063842
PRs Fixed2068953, 2027686, 1941180, 2096223, 2101036Related CVE numbersN/A
Solution
Summaries and Symptoms
This patch updates the following issues:
The SQLite database is updated to version 3.22.0.
The Python third-party library is updated to version 2.7.14.
The NTP daemon has been updated to version ntp-4.2.8p10.
ESXi hosts with virtual machines using vmxnet3 virtual NICs might fail, if a transmission queue index, passed by a guest driver, is greater than the configured number of transmission queues and is equal or less than eight, which might result in invalid memory access or a null pointer reference. This patch fixes the issue by validating values passed by guest drivers against the configured number of transmission queues.
The ESXi userworld libxml2 library is updated to version 2.9.7.
With this fix, the X-Frame-Options HTTP response header is enabled by default at port 443 on ESXi to prevent possible clickjacking attempts.
Patch Download and Installation
The typical way to apply patches to ESXi hosts is through the VMware vSphere Update Manager. For details, see the Installing and Administering VMware vSphere Update Manager.ESXi hosts can be updated by manually downloading the patch ZIP file from the VMware download page and installing the VIB by using the esxcli software vib command. Additionally, the system can be updated using the image profile and the esxcli software profile command. For details, see the vSphere Command-Line Interface Concepts and Examples and the vSphere Upgrade Guide.
