Please note: The out-of-band patch for the Heartbleed issue is provided as two different Offline patch bundles: One includes only all the security fixes of the recently released ESXi 5.5 Update 1 package plus the Heartbleed fix (see KB2076589). The other one includes the complete ESXi 5.5 Update 1 package, the Heartbleed fix and some new functional fixes (Updated VMware Tools and a fixed lsi-mr3 driver - see KB2076120). So you could also consider this an update to Update 1, or an Update 1a ... Let's see if VMware will also update the ESXi 5.5 Update 1 ISO download to include these fixes.
Anyway, head over to the VMware Patch Download page to download the latest fixes!
I will soon update my ESXi VIB Matrix to include these latest ESXi 5.5 builds.
And before someone asks this in the comments of this post ... here is how to update your standalone host with the Heartbleed patch ;-)
Enable SSH access on your host, log in to it (e.g. using putty) and run the following commands:
# open firewall for outgoing http requests: esxcli network firewall ruleset set -e true -r httpClient # Install the ESXi 5.5 U1 Heartbleed Imageprofile from the VMware Online depot esxcli software profile update -d https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml -p ESXi-5.5.0-20140404001-standard # Reboot your host reboot
VMware has also published a KB article with detailed instructions on how to resolve the Heartbleed issue for ESXi 5.5. Please remember: This does not only include installing the patch, but also re-generating/replacing the SSL certificate and changing the root password!
This post first appeared on the VMware Front Experience Blog and was written by Andreas Peetz. Follow him on Twitter to keep up to date with what he posts.