Problems addressed by these patches:a. An updated Service Console XFree86 package that fixes a number of security issuesThe Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the following names CVE-2007-1003, CVE-2007-1351, CVE-2007-1352, and CVE-2007-1667 to these issuesESX 2.5.4 Upgrade Patch 9 (Build# 47255)ESX 2.5.3 Upgrade Patch 12 (Build# 47274)ESX 2.1.3 Upgrade Patch 7 (Build# 47243)ESX 2.0.2 Upgrade Patch 7 (Build# 47268)b. Upgraded UP and SMP kernels for ESX Server 2.5.4 fix a number of security issues.The Common Vulnerabilities and Exposures project(cve.mitre.org) has assigned the names CVE-2005-3055, CVE-2005-3273,CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, andCVE-2006-2071 to this issue. The new kernel version is 2.4.9-e.71.ESX 2.5.4 Upgrade Patch 9 (Build# 47255)c. An update to the Kerberos network authentication packages provided inthe VMware ESX Server Service Console. Possible vulnerabilities havebeen found with the krb5 telnet daemon, the Kerberos KDC, and kadmin.Although these features are not enabled in the Service Console by default,VMware recommends that all users apply this patch.The Common Vulnerabilities and Exposures project (cve.mitre.org) assignedthe names CVE-2007-0956, CVE-2007-0957, and CVE-2007-1216 to this issue.VMware ESX 3.0.1 without patch ESX-1000073VMware ESX 3.0.0 without patch ESX-1000080
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3055
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3273
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1216
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667