New patches released for ESX

VMware released 6 patches for ESX 3.5 including:

VMware ESX 3.5, Patch ESX350-200905401-BG: Updates vmkernel and hostd RPMs Critical updates related to HA failover of VM’s on NFS datastores and invalid license issues. Host reboot required.
VMware ESX 3.5, Patch ESX350-200905402-BG: Updates VMX RPM General update to address a robustness issue with VMX. No Host reboot required.
VMware ESX 3.5, Patch ESX350-200905403-BG: Updates aacraid driver for Adaptec Replaces the Adpatec aacraid_esx30 driver to mitigate potential failure under heavy load on some IBM, SUN or Fujitsu hosts. Host reboot required.
VMware ESX 3.5, Patch ESX350-200905404-BG: Update to tzdata package Updates time zone information for changes in Brazil and Argentina. No host reboot required.
VMware ESX 3.5, Patch ESX350-200905405-BG: Updates Kernel Source and VMNIX This patch updates kernel-source and kernel-vmnix to support the aacraid software driver update. Host Reboot is required.

One of the locations that VMware lists updates is on the VMware Knowledge Base Blog.

New Security Patches for ESX

VMware updated Security Advisory VMSA-2009-0004.1 and released 4 new patches:

VMware ESX 3.5, Patch ESX350-200904402-SG: Updates ESX Scripts  <- This one also corrects the need to rescan storage twice with Qlogic HBA’s!
VMware ESX 3.5, Patch ESX350-200904406-SG: Updates vim-common, vim-minimal RPMs
VMware ESX 3.5, Patch ESX350-200904407-SG: Security Update to BIND
VMware ESX 3.5, Patch ESX350-200904408-SG: Security Update to the openssl Package

The KB articles referenced above state that none of these updates require VM or Host shutdown. The updated advisory includes references to ESX 3.0.3, 3.0.2 and 2.5, but no new patches have been released for these versions since April, 10, 2009.

You can subscribe to VMware Security announcments here: http://lists.vmware.com/mailman/listinfo/security-announce