Double 'delight' awaits VMware upgraders

By on
Double 'delight' awaits VMware upgraders

VMware has quietly pointed out that upgrades to some versions of its flagship vSphere product have become doubly – ahem! – delightful.

A Wednesday post explained that “To guarantee the security of your download, VMware releases are cryptographically signed. The certificate used to sign legacy releases of software expires at the end of December 2019. For some time now, we have been dual signing releases with the replacement certificate and the legacy certificate. Soon releases be will signed only by the newer certificate (as of April 2020 for the 6.7 codebase, and June 2020 for the 6.5 codebase). This new certificate is valid until September 2037.”

Yeah okay, crypto-mumbo-jumbo. Why do you need to care?

Because the certificate means that if you’ve been asked to update a client’s VMware rig, or you want to keep your own in tip-top shape, you'll need to do two upgrades instead of one.

As VMware’s explained:

  • ESXi 6.0 versions between 6.0 GA and Update 3G must upgrade first to a minimum of 6.0 Update 3G. Once there, upgrade to the subsequent target release. Alternatively, upgrade to a minimum of 6.5 Update 2 before upgrading further.
  • ESXi 6.5 versions between 6.5 GA and Update 2 must upgrade to a minimum of 6.5 Update 2. Once there, upgrade to the subsequent target release. See below for some example upgrade paths.

Don’t try to get away with just one upgrade! VMware advises that “Attempting to upgrade directly from one of the affected releases to any release posted in 2020 will fail.”

“To be absolutely clear on this: if your ESXi hosts are already running version 6.0 U3G (build 9239799, released 26th July 2018) or 6.5 U2 (build 8294253, released 3rd May 2018) or higher, then you are NOT affected by this. ESXi 6.7 is also unaffected. Another good reason to stay on top of patches!”

VMware has also pointed out that these double upgrades would not be necessary if users kept on top of their patching.

“6.0U3G is 9 patches behind the current patch level for vSphere 6.0, and 6.5 U2 is 15 patches behind the current patch level for 6.5,” a VMware staffer pointed out to CRN.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?