VMware product updates address OpenSSL security vulnerabilities.
Apply the missing patch(es).
a. Information Disclosure vulnerability in OpenSSL third party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issues The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues.
ESXi 5.5 without patch ESXi550-201404020 ESXi 5.5 Update 1 without patch ESXi550-201404001
Checks for missing patches.
Updated on 2015-03-25
- VMSA-2014-0006: VMware product updates address OpenSSL security vulnerabilities
- VMSA-2014-0004 VMware product updates address OpenSSL security vulnerabilities
- VMSA-2013-0004 VMware ESXi security update for third party library
- VMSA-2014-0012: VMware vSphere product updates address security vulnerabilities
- VMSA-2013-0011 VMware ESX and ESXi updates to third party libraries