VMware 歷史版本列表 Page26

更新時間：2008-03-17
更新細節：

What's new in this version:

Version 1.0.5 a maintenance bug fix release to address security issues. See Resolved Issues for information on what has been fixed. In addition, Version 1.0.5 improves Remote Console performance and screen refreshing.

更新時間：2007-10-19
更新細節：

What's new in this version:

- Hosts with AMD Duron processors might not be able to power on virtual machines. This problem resulted because Duron processors that are based on Athlon do not have Intel SSE (Streaming SIMD Extensions). (bug 183866)
- Ubuntu 7.04 virtual machines sometimes power off unexpectedly if paravirtual kernel support is enabled. (bug 190499)

更新時間：2007-09-29
更新細節：

What's new in this version:

Issues Resolved in VMware Server 1.0.4
- In previous releases, when a virtual machine configuration (.vmx) file contained the line serialX.HardwareFlowControl = TRUE, the modem control signals were not correctly handled. This release fixes that problem. Modem control signals are now strictly passed through between the virtual and the physical serial port.
- This release fixes a problem that caused Fedora Core 7 to fail with an ASSERT when issuing SCSI commands that have illegal targets. This problem is not clearly exploitable by a normal user.
- This release fixes a problem that could cause Linux virtual machines with VMI-enabled kernels to run very slowly after being rebooted repeatedly.
- This release fixes a problem that could cause a virtual machine to fail at power-on when using a sound card with more than two mixer channels on a Windows 32-bit host.
- This release fixes a problem that could cause a 64-bit Solaris 10 virtual machine to fail at power-on after being updated with Solaris Update Patch 125038-04.
- This release fixes a problem that resulted from a conflict between Linux guest operating systems with kernel version 2.6.21 and RTC-related processes on the host. This problem caused the virtual machine to quit unexpectedly.
- This release fixes a problem that caused the hostd to quit unexpectedly in virtual machines with a corrupted snapshot.
- This release fixes a problem that prevented virtual machines running Fedora Core 7 from properly recognizing LSILogic SCSI devices.
- This release fixes a problem that prevented the VMware vmmon module from building correctly on hosts running Linux with kernel version 2.6.20-rc1.
- This release fixes a problem that prevented the VMware vmnet module from building correctly on hosts running Linux with kernel versions higher than 2.6.21.
- This release fixes a problem that could corrupt the guest's memory on hosts running Linux with kernel versions higher than 2.6.21.
- This release fixes the following problem: when a user attempts to access a virtual machine through the Windows remote VMware Service Console, and the user does not have execute permission on the virtual machine configuration (.vmx) file, the display is blank with no indication of the actual problem. This release adds an error message in this circumstance, to advise the user that execute access is required to connect to the virtual machine with the VMware Service Console.
- This release fixes a problem with virtual machines running Red Hat Linux 7.1, kernel version 2.4.2, that caused the guest operating system to become unresponsive during the installation of VMware Tools, after the user selected the default display size.
- This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred. This problem could result in a security vulnerability from some images stored in virtual machines downloaded by the user.

Security Issues Resolved in VMware Server 1.0.4:
- This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4496.
- This release fixes a security vulnerability that could allow a guest operating system user without administrator privileges to cause a host process to become unresponsive or exit unexpectedly, making the guest operating system unusable. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4497.
- This release fixes several security vulnerabilities in the VMware DHCP server that could enable a malicious web page to gain system-level privileges.
- This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file IntraProcessLogging.dll to overwrite files in a system.
- This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file vielib.dll to overwrite files in a system.
- This release fixes a security vulnerability in which VMware Server was starting registered Windows services such as the Authorization service with "bare" (unquoted) paths, such as c:program filesvmware.... Applications and services in Windows must be started with a quoted path. This vulnerability could allow a malicious user to escalate user privileges.
- This release fixes a problem that could cause user passwords to be printed in cleartext in some VMware Server logs.

更新時間：2007-09-19
更新細節：

What's new in this version:

- This release fixes several security vulnerabilities in the VMware DHCP server that could enable a malicious web page to gain system-level privileges.
- This release fixes a security vulnerability that could allow a guest operating system user with administrative privileges to cause memory corruption in a host process, and thus potentially execute arbitrary code on the host. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4496.
- This release fixes a security vulnerability that could allow a guest operating system user without administrator privileges to cause a host process to become unresponsive or exit unexpectedly, making the guest operating system unusable. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the following name to this issue: CVE-2007-4497.
- This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file IntraProcessLogging.dll to overwrite files in a system.
- This release fixes a security vulnerability that could allow a malicious remote user to exploit the library file vielib.dll to overwrite files in a system.
- This release fixes a problem that prevented VMware Player from launching. This problem was accompanied by the error message VMware Player unrecoverable error: (player) Exception 0xc0000005 (access violation) has occurred. This problem could result in a security vulnerability from images stored in virtual machines downloaded by the user.
- This release fixes a security vulnerability in which VMware Player was starting registered Windows services such as the Authorization service with "bare" (unquoted) paths, such as c:program filesvmware.... Applications and services in Windows must be started with a quoted path. This vulnerability could allow a malicious user to escalate user privileges.

更新時間：2007-05-15
更新細節：

What's new in this version:

Issues Resolved in VMware Server 1.0.3
- This release fixes a problem with VMware Tools that caused the guest to run out of memory.
- VMware Server 1.0.3 fixes a bug introduced in the VMware Server version 1.0.2 VIX API. As a result of this bug, if Vix_ReleaseHandle (vmhandle) and VixHost_Disconnect (hosthandle) are called, a crash occurs in VixHost_Disconnect(). This crash is accompanied by the following error message:

VMware Server Error:
VMware Server unrecoverable error: (app)
ASSERT /build/mts/release/bora-39867/pompeii2005/bora/lib/vmdb/vmdbCtx.c:487 bugNr=23952
A log file is available in "/tmp/vmware-mark/vix-3749.log". Please request support and include the contents of the log file.
To collect files to submit to VMware support, run vm-support.
We will respond on the basis of your support entitlement.


Security Issues Resolved in VMware Server 1.0.3
- Virtual machines can be put in various states of suspension, as specified by the ACPI power management standard. When returning from a sleep state (S2) to the run state (S0), the virtual machine process (VMX) collects information about the last recorded running state for the virtual machine. Under some circumstances, VMX read state information from an incorrect memory location. This issue could be used to complete a successful Denial-of-Service attack where the virtual machine would need to be rebooted.
- Some VMware products support storing configuration information in VMware system files. Under some circumstances, a malicious user could instruct the virtual machine process (VMX) to store malformed data, causing an error. This error could enable a successful Denial-of-Service attack on guest operating systems.
- Some VMware products managed memory in a way that failed to gracefully handle some general protection faults (GPFs) in Windows guest operating systems. A malicious user could use this vulnerability to crash Windows virtual machines. While this vulnerability could allow an attacker to crash a virtual machine, we do not believe it was possible to escalate privileges or escape virtual containment.
- In a 64-bit Windows guest on a 64-bit host, debugging local programs could create system instability. Using a debugger to step into a syscall instruction may corrupt the virtual machine's register context. This corruption produces unpredictable results including corrupted stack pointers, kernel bugchecks, or vmware-vmx process failures.

更新時間：2007-05-09
更新細節：

What's new in this version:

VMware Player 2.0 adds the following features:
- Windows Vista support - You can use Windows Vista as a host and guest operating system.
- USB 2.0 Support - You can use peripherals that require high-speed performance, such as MP3 players and fast storage devices, in your virtual machines.
- Shared folders - If the virtual machine has shared folders enabled, you can use this feature to move files between the host and guest operating systems. The virtual machine must be preconfigured with shared folders enabled, and with the path specified to the designated shared folder on the host. As a security precaution, shared folders are disabled by default in VMware Player. When you open a virtual machine with shared folders in VMware Player, a notification message explains that shared folders have been disabled, and tells you how to re-enable the feature.
- Appliance view - Virtual machine appliances can now be preconfigured to display an appliance view. A virtual appliance is a fully pre-installed and pre-configured application and operating system environment that runs on any standard x86 desktop or server in a virtual machine - for example, a Web server application with a browser-based console. The appliance view gives you a brief description of the type of server or appliance and provides a link that opens the browser on the guest system and connects to the correct port for the server console. If a virtual machine is configured with an appliance view, VMware Player defaults to the appliance view. You can also use the traditional console view if you prefer.
- Welcome page - The user-friendly Welcome page gives you the option of browsing to a virtual machine file, opening a recently used virtual machine, or downloading a virtual appliance from the VMTN (VMware Technology Network) Web site.
- Experimental support for Virtual SMP - You can use VMware Player to power on a virtual machine that has more than one virtual processor assigned.

更新時間：2007-04-27
更新細節：

What's new in this version:

VMware Player 1.0.4 addresses the following security issues:
- Virtual machines can be put in various states of suspension, as specified by the ACPI power management standard. When returning from a sleep state (S2) to the run state (S0), the virtual machine process (VMX) collects information about the last recorded running state for the virtual machine. Under some circumstances, VMX read state information from an incorrect memory location. This issue could be used to complete a successful Denial-of-Service attack where the virtual machine would need to be rebooted.
- Some VMware products support storing configuration information in VMware system files. Under some circumstances, a malicious user could instruct the virtual machine process (VMX) to store malformed data, causing an error. This error could enable a successful Denial-of-Service attack on guest operating systems.
- Some VMware products managed memory in a way that failed to gracefully handle some general protection faults (GPFs) in Windows guest operating systems. A malicious user could use this vulnerability to crash Windows virtual machines. While this vulnerability could allow an attacker to crash a virtual machine, we do not believe it was possible to escalate privileges or escape virtual containment.
- In a 64-bit Windows guest on a 64-bit host, debugging local programs could create system instability. Using a debugger to step into a syscall instruction may corrupt the virtual machine's register context. This corruption produces unpredictable results including corrupted stack pointers, kernel bugchecks, or vmware-vmx process failures. (bug 152159)

In addition, VMware Player 1.0.4 fixes the following problem:
- A problem with VMware Tools caused the guest to run out of memory.

更新時間：2007-03-02
更新細節：

What's new in this version:

Issues Resolved in VMware Server 1.0.2
- This release fixes certain memory leaks in VMware Tools on Windows guests.
- The vm-support script, which collects log files and other system information, now collects the bootloader configuration file.
- This release includes improved support for Intel family F processors.
- This release includes new support for Intel Rockton processors.
- This release fixes a bug that, under rare conditions, caused a crash when many virtual machines were booting under a heavy load.
- This release includes prebuilt modules for VMware Tools for SuSE SLES 10.
- This release fixes a bug that sometimes caused an assertion failure when calling VixVM_Open on an unregistered virtual machine.
- Starting in this release, guest.commands.allowAnonRootGuestCommandsOnHost and guest.commands.allowAnonRootGuestCommands settings can no longer be included in the .vmx file. To affect all the virtual machines on the host, you can include these settings in the global configuration file $LIBDIR/settings or CommonAppDatasettings.ini.
- Kernel modules now build on 2.6.18 kernels.
- Kernel modules now build on Debian's 2.6.17 kernels.
- HGFS now builds on 2.6.18-rc1 kernels.
- This release fixes a bug that occasionally caused a crash when uninstalling VMware Server just after resuming a Windows host system.
- This release fixes a bug that occasionally crashed 64-bit Windows Server 2003 Enterprise Edition hosts with SP1.
- This release fixes a bug that occasionally caused direct execution errors in V8086 mode when running 16-bit DOS applications in a Windows guest. This fix prevents direct execution errors that are caused by the sysenter instruction being improperly handled, and thus enables DOS applications to execute properly.
- CD-ROM and DVD-ROM emulation now work correctly in Vista guests.
- Vmnet compilation now works correctly for bridged networking on 2.6.18 or higher kernels.
- This release fixes a bug that, under rare conditions, caused guest memory to become corrupted.
- Second and subsequent snapshots no longer contain the absolute path to the base .vmdk file. This fix allows the virtual machine to be moved to another machine.
- This release fixes a bug that, under rare conditions, caused a system panic with sunfire 4100 hardware on a RedHat 4 64-bit guest.
- This release fixes a bug that occasionally caused Windows guests with dual vmxnet adapters to lose network connectivity.
- This release fixes a bug that occasionally caused a core dump when opening and powering on a FreeBSD6.0 guest and invoking VMware Tools.
- VMware Server 1.0.2 now correctly uses 2-CPU licenses instead of 8-CPU licenses on quad core machines.
- This release fixes a bug that occasionally caused a hang on RedHat Enterprise Linux 3 U5 virtual machines.

Security Issues Resolved in VMware Server 1.0.2
- This release fixes a security issue that could allow a malicious user to crash Windows guest operating systems. Rubén Santamarta of Reversemode discovered a vulnerability in the way that VMware delivered General Protection Faults to Windows guest operating systems, which is now fixed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2007-1069 to this issue.
- This release fixes a security issue with the configuration program vmware-config, which could set incorrect permissions and umask on SSL key files. Local users might have been able to obtain access to the SSL key files. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2006-3589 to this issue. Note: The affected files include /usr/bin/vmware-config.pl and /usr/bin/vmware-config-mui.pl.
- RunProgramInGuest was being executed as SYSTEM in Windows guests. Now it executes as the user running it with that user's permissions.

更新時間：2007-02-22
更新細節：

更新時間：2006-11-23
更新細節：