VMware Cloud Community
takedahideyuki
Contributor
Contributor

Plan of vCeter server log4j patch

Hello All.

Is there any plan to release a log4j patch of vCenter server 6.7 and 6.5.

Some product does not have patch for every version.

(eg. VMware HCX 4.2.x is fixed in 4.2.4 but no patch for 4.0)

Reply
0 Kudos
3 Replies
sramanuja
VMware Employee
VMware Employee

Yes, there is a plan to release a log4j patch for vCenter server 6.5 and 6.7. It should be available shortly.

Reply
0 Kudos
sramanuja
VMware Employee
VMware Employee

Log4J fixes for 6.5 and 6.7 are live now

For 6.5, there is a new release called 6.5 U3s. Release Notes

For 6.7, there is a new release called 6.7 U3q. Release Notes

See the release notes for each release for location of the full patch ISO and what components are fixed.

Upgrade matrix is here: https://kb.vmware.com/s/article/67077
These releases support upgrading to 7.0 U3C.

Reply
0 Kudos
a_p_
Leadership
Leadership

The patches have been released today.
See https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Make sure you read the release notes, especially if you plan to update/patch via mounted ISO.

André

 

Reply
0 Kudos