VMware ESXi Patch Tracker
Brought to you by the VMware Front Experience Blog
Jump to: ESXi 5.0.0 | ESXi 5.1.0 | ESXi 5.5.0 | ESXi 6.0.0 | Matrix view | Help
|[MyVMware Patch Download]||Subscribe: [All] [@ESXiPatches]|
On this site you can find extensive information about VMware ESXi (version 5.0 and later) patches as soon as they are released. All the information that is available here is created in a fully automated way and updated regularly (currently every hour), so that it is always up to date without requiring any manual intervention by me or anyone else!
But that does not mean that you need to check this web site for updates every hour. You can easily subscribe to it through RSS/Atom feeds (one for each ESXi version and one combining all versions) or E-Mail. You can also follow the bot @ESXiPatches on Twitter that will automatically send out a tweet whenever an ESXi patch is released. All these subscription services are currently delivered through Google Feedburner. Use the links in the top right corner to access them!
For each ESXi version (5.0, 5.1, 5.5 and 6.0) the patch releases are listed sorted by date (latest first) with the names of the included Imageprofiles (standard- and security-only if available), their build numbers and all the VIB packages that are updated in each of the Imageprofiles. For each VIB package the new version number, a direct download link, and a link to the VMware Knowledge Base (KB) article that lists the changes in them are provided, along with their high-level category (bugfix, security or enhancement) and severity (general, important, critical or security).
In addition to this Tracker view there is also a different view on Imageprofiles and VIB packages available: In the Matrix view you will see a table of each Imageprofile with all included VIB packages (not only the updated ones). Updated VIB packages are highlighted with hyperlinks that lead you to the relevant VMware KB articles. Use the links at the top of each page to switch between Tracker view and Matrix view!
If you are managing your ESXi hosts with vCenter then you should use the vCenter integrated VMware Update Manager (VUM) to patch your hosts. Once you have VUM properly configured to synchronize with the VMware Online Depot then you will find new patches in its repository right when (or shortly after) they have been announced here.
If you do not have vCenter and VUM available then you can still patch each individual host using esxcli commands. In this case please note the Imageprofile name of the new patch, then
esxcli network firewall ruleset set -e true -r httpClient esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-5.5.0-20150204001-standard esxcli network firewall ruleset set -e false -r httpClient
The first command will open the ESXi firewall for outgoing http(s) requests, so that esxcli can pull the updates directly from the VMware Online Depot using the second command. In this example we update an ESXi host using the Imageprofile ESXi-5.5.0-20150204001-standard (that is the Feb 2015 patch of ESXi 5.5). In most cases a reboot of the host will be required after the update. With the last command you disallow outgoing http(s) requests again. This is optional - you can as well keep the port open -, I do not consider this a big security risk.
Please note that this Online method will only work if your ESXi host has a direct outbound Internet connection. If it does not then you need to download the Offline Bundle for the patch from the MyVMware Patch Download portal and upload that to a datastore of your hosts using the vSphere Client. You can then use a similar command as above to update your hosts - you just need to replace the reference to the VMware Online Depot with the full path to the Offline Bundle zip file:
esxcli software profile update -d /vmfs/volume/your_datastore/ESXi550-201502001.zip -p ESXi-5.5.0-20150204001-standard
You can also use the ESXi-Customizer-PS script to create an Offline Bundle patch file - see references below.
The esxcli update method can also be used to upgrade between ESXi versions (5.0/5.1 -> 5.5 -> 6.0), but there might be some caveats and in some cases special instructions needed to make this work - again see the references below.
To the top