VMware product updates address OpenSSL security vulnerabilities.

Apply the missing patch(es).

a. Information Disclosure vulnerability in OpenSSL third party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issues The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues.

ESXi 5.5 without patch ESXi550-201404020 ESXi 5.5 Update 1 without patch ESXi550-201404001

Checks for missing patches.

• http://www.vmware.com/security/advisories/VMSA-2014-0004.html

---

Updated on 2015-03-25