VMware fixes numerous vulnerabilities
Vendor VMware has released updates for several of its virtualisation solutions to close numerous security holes. Particularly affected are VMware ESX, ESXi, vCenter, VirtualCenter and vMA. The problems are mainly caused by flawed third-party software such as Kerberos, GCC and OpenSSL shipped with VMware products. The updates for Oracle's Java alone close several dozen holes.
See also:
- VMSA-2010-0009 ESXi utilities and ESX Service Console third party updates
- VMSA-2010-0004.1 ESX Service Console and vMA third party updates
- VMSA-2010-0002.1 VMware vCenter update release addresses multiple security issues in Java JRE
- VMSA-2010-0002.2 VMware vCenter update release addresses multiple security issues in Java JRE
(djwm)