Hotfix XS62ESP1032 - For XenServer 6.2.0 Service Pack 1

Who Should Install This Hotfix?

This is a hotfix for customers running XenServer 6.2.0 Service Pack 1. All customers who are affected by the issue described in?? CTX201717 – Citrix XenServer Security Update for CVE-2015-5165?? should install this hotfix.

??

Issue Resolved In This Hotfix

This hotfix addresses the vulnerability as described in the Security Bulletin above.

This hotfix also includes the following previously released hotfixes:

• CTX140051 –?? Hotfix XS62ESP1002 - For XenServer 6.2.0 Service Pack 1
• CTX140417 –?? Hotfix XS62ESP1004 - For XenServer 6.2.0 Service Pack 1
• CTX141036 –?? Hotfix XS62ESP1008 - For XenServer 6.2.0 Service Pack 1
• CTX141472 –?? Hotfix XS62ESP1011 - For XenServer 6.2.0 Service Pack 1
• CTX141480 –?? Hotfix XS62ESP1013 - For XenServer 6.2.0 Service Pack 1
• CTX141717 –?? Hotfix XS62ESP1015 - For XenServer 6.2.0 Service Pack 1
• CTX141779 –?? Hotfix XS62ESP1016 - For XenServer 6.2.0 Service Pack 1
• CTX142146 –?? Hotfix XS62ESP1019 - For XenServer 6.2.0 Service Pack 1
• CTX142272 –?? Hotfix XS62ESP1021 - For XenServer 6.2.0 Service Pack 1
• CTX142481 –?? Hotfix XS62ESP1025 - For XenServer 6.2.0 Service Pack 1
• CTX141952 –?? Hotfix XS62ESP1026 - For XenServer 6.2.0 Service Pack 1
• CTX142536 –?? Hotfix XS62ESP1027 - For XenServer 6.2.0 Service Pack 1
• CTX201635 –?? Hotfix XS62ESP1030 - For XenServer 6.2.0 Service Pack 1
• CTX201763 –?? Hotfix XS62ESP1031 - For XenServer 6.2.0 Service Pack 1

Installing the Hotfix

Customers should use either XenCenter or the XenServer Command Line Interface (CLI) to install this update. When the installation is complete, restart the server for the update to take effect. As with any software update, back up your data before applying this hotfix. Citrix recommends updating all hosts within a pool sequentially. Upgrading of hosts should be scheduled to minimize the amount of time the pool runs in a "mixed state" where some hosts are upgraded and some are not. Running a mixed pool of updated and non-updated hosts for general operation is not supported.

Note:?? The attachment to this article is a zip file. It contains both the hotfix update package and the source code for any modified open source components. The source code is not necessary for hotfix installation: it is provided to fulfill licensing obligations.

Installing the update by using XenCenter

1. Download the update to a known location on a computer that has XenCenter installed.
2. In XenCenter, on the?? Tools?? menu, select?? Install Update. The Install Update wizard appears.
3. Click?? Next?? to start the Wizard.
4. Click?? Add?? to upload a new update.
5. Browse to the location where you downloaded the hotfix, select it and then click?? Open.
6. From the list of updates select?? XS62ESP1032.xsupdate?? and then click?? Next.
7. Select the hosts to which you want to apply the hotfix and then click?? Next.
8. Follow the recommendations to resolve any upgrade prechecks and then click?? Next.
9. Choose how to perform post-update tasks. In the?? Post update options?? section, select automatically or manually, and then click?? Install update.
10. When the installation process is complete, click?? Finish?? to exit the wizard.

Notes:

• ?? Customers who select to?? manually?? perform the post-update tasks, must ensure to do so after installing the hotfix.
• Customers who select to?? automatically?? perform the post-update tasks should note that XenCenter restarts each host sequentially starting with the Pool Master. Where possible, the VMs are migrated to other running hosts to avoid VM downtime. When the Pool Master is restarting, XenCenter cannot monitor the pool.

Installing the update by using the xe Command Line Interface

1. Download the update file to a known location.
2. Extract the xsupdate file from the zip.
3. Upload the xsupdate file to the Pool Master by entering the following commands:??
   (Where?? hostname?? is the Pool Master's IP address or DNS name.)
   

   xe patch-upload -s?? <hostname>?? -u root -pw?? <password>?? file-name=<path_to_update_file>\XS62ESP1032.xsupdate

   XenServer assigns the update file a UUID which this command prints. Note the UUID.

   e5139c7b-8f42-4f3d-a812-9274d1c775ec

4. Apply the hotfix to all hosts in the pool, specifying the UUID of the hotfix:

   xe -s?? <hostname>?? -u root -pw?? <password>?? patch-pool-apply uuid=e5139c7b-8f42-4f3d-a812-9274d1c775ec

5. Verify that the update was applied by using the?? patch-list?? command.

   xe patch-list -s?? <hostname>?? -u root -pw?? <password>?? name-label=XS62ESP1032

   If the update is successful, the?? hosts?? field contains the UUIDs of the hosts to which this patch was successfully applied. This should be a complete list of all hosts in the pool.
6. To verify in XenCenter that the update is applied correctly, select the Pool, and then click the?? General?? tab. This displays the Pool properties. In the?? Updates?? section, ensure that the update is listed as?? Fully Applied.
7. The hotfix is applied to all hosts in the pool, but does not take effect until each host restarts. For each host, migrate the VMs that you wish to keep running, and shut down the remaining VMs before restarting the host.

Files

Hotfix File

Files Updated