VMware product updates address OpenSSL security vulnerabilities.
Apply the missing patch(es).
a. Information Disclosure vulnerability in OpenSSL third party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issues The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues.
ESXi 5.5 without patch ESXi550-201404020 ESXi 5.5 Update 1 without patch ESXi550-201404001
Checks for missing patches.
Updated on 2015-03-25
- VMSA-2013-0009 VMware ESX and ESXi updates to third party libraries
- VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
- VMSA-2012-0018: VMware security updates for vCSA and ESXi
- VMSA-2014-0004 VMware product updates address OpenSSL security vulnerabilities
- VMSA-2013-0011 VMware ESX and ESXi updates to third party libraries