Deployment and Patch Don’t Always Play Well Together

I need a solution

I’m running 8.5 RU2 with persistent connection, and I love how real time many things are.

I have noticed, though, if I’m deploying an image with many software installs that install as post image tasks, often patch will begin installing titles and this creates a conflict causing my software installs to fail.

For example, we have a technology lab with several adobe titles, several autocad titles, etc.  It can take these image jobs 80+ minutes to complete.

The agent should somehow be smart enough to not allow these install conflicts to happen.  Please don’t suggest I start building fat images building the titles into the image, that’s just bad practice.  If I need to update Photoshop on 3 labs, I don’t want to rebuild 3 images, I just want to update 1 post image task used in the 3 lab imaging jobs.

For now, I’m just disabling all my patch policies when we image those lab machines, but that’s not ideal and a little bit of a security risk as someone needs to re-enable them.

I don’t want to not put the patch plugin on the base image because as soon as it attempts to install, it kills the agent mid whatever it’s doing.  I thought about having a dummy file placed at end of image time and then scope the patch plugin to only install on computers with that dummy file, but again I think this would also a timing issue because existing machines in the console being reimaged would fall into the filter and attempt to install the agent as soon as they come up.

Thoughts?  I am sure I posted this issue before, and I looked through my post history, but couldn’t find it, so I apologize if I’m repeating myself to some.

I’ll put a ticket in as well.

0

Related:

  • No Related Posts

Cisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch Signature Verification Vulnerability

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device.

The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by loading an unsigned software patch on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-nxos-spsv

Security Impact Rating: Medium

CVE: CVE-2019-1808

Related:

  • No Related Posts

ZENworks Patch Management: Reduced Package Size for Windows 10 1809 x64 Monthly Updates

Darrin VandenBos

In case you haven’t heard, Microsoft introduced a new update process in Windows 10 version 1809 (64-bit)  that significantly reduces the size of the monthly cumulative updates. This is much welcomed news considering the headaches caused by the ever-increasing size of the cumulative updates. Recently, I’ve received a few questions about whether or not ZENworks …

+read more

The post ZENworks Patch Management: Reduced Package Size for Windows 10 1809 x64 Monthly Updates appeared first on Cool Solutions. Darrin VandenBos

Related:

  • No Related Posts

KB4487011 and KB4487006 fix unresponsive app issues

Microsoft recently released Windows 10 cumulative updates KB4487006, KB4487011, KB4487021, and KB4487029 addressing non-security bugs in the operating system. The company aims to enhance the reliability of the OS with bug fixes, stability enhancement and quality improvements.

KB4487011 improvement and fixes

KB4487011 offers four major improvements and fixes that we’ll list below:

1. IE Fails To Load Images Bug Fix

The update addressed the problems related to loading images having a backslash () in their relative source path. The issue was reported in the previous releases.

2. Microsoft Access Bug Fix

The Microsoft Access bug was responsible for randomly stopping those apps that are using Microsoft Jet database along with the Microsoft Access 95 file format. Just like the previous issue, this bug was also reported in KB4487044.

3. Application Not Responding Bug Fix

This issue was reported by the users that the issue arose when the same input queue is used by its two threads.

4. Device Compatability Issue Fix

This fix addresses a bug that existed in the evaluation of the compatibility status of the entire ecosystem of Windows. It is done to ensure device and application compatibility for all Windows updates.

KB4487011 Known Issues

As of now, Microsoft has not acknowledged any known issues in the update. The blog post will be updated if the tech giant confirms any potential bugs.

KB4487006 Improvement & Fixes

Apart from the device compatibility and issues and Microsoft Access bug fix, the update comes along with a series of bug fixes. Some of the major features are discussed below.

1. Remote Desktop Protocol (RDP) Client Bug

The release of KB4487006 resolved a major issue that existed in the previous build. The users got black screen at the login in the Remote Desktop Protocol (RDP) client application.

2. win32kfull.sys Reliability Issue

The update fixes a reliability issue with win32kfull.sys, that existed in the previous versions. The bug was initially introduced in KB4487026.

3. Microsoft Outlook “The operation failed” error

When a user tried to open the Microsoft Exchange Address Book, “The operation failed” used to appear. The issue was introduced after the installation of KB4457127 on Active Directory domain controllers.

KB4487006 Known Issues

1. Startup Issues in Specific Laptops

Specific Lenovo and Fujitsu laptops that currently have less than 8 GB RAM may face startup issues. The bug is created as a result of KB4467691installation.

One of the easiest ways to resolve the issue is restarting your machine with the help of Unified Extensible Firmware Interface (UEFI). Make sure to disable Secure Boot before restarting the device.

2. Cluster Service Start Fail

If the “Minimum Password Length” of the group policy uses more than 14 characters then the users can face cluster service start fail error. The following error message is displayed to the user “2245 (NERR_PasswordTooShort)”. The installation of KB4467684 triggers the error.

Microsoft is currently working to resolve the issue and the workaround is expected to be available in the coming weeks. Till now the company suggests the users to set the default minimum password length policy to equals to or less than 14 characters.

3. IE 11 Authentication Issues

Some authentication issues are reported in Internet Explorer 11 right after the installation of IE11. As soon as the same account is used by two or more users for various concurrent login sessions on the same Windows Server machine.

Microsoft recommends the users to create unique user accounts. Moreover, multiple RDP sessions should be disabled for each user account.

System Center Virtual Machine Manager (SCVMM) fails to manage the logical switches that have been deployed on the host that is managed by SCVMM. Also, a stop error is raised in vfpext.sysif you fail to follow the best practices.

A quick workaround is to access the affected host machine to run mofcomp files for running two mof files named as Scvmmswitchportsettings.mof and VMMDHCPSvr.mof. Microsoft recommends that users can avoid a stop error by following the best practices.

Download KB4487011/KB4487006 for Windows 10

The KB4487011/KB4487006 patch can be automatically downloaded through the Settings menu. If you have not yet received the update you need to open the Settings menu by pressing Win+I. Now you need to navigate to Update & Security >>Windows Update >> Check for updates.

You can enhance the consistency of the update process by installing the latest servicing stack update (SSU) just before installing the LCU KB4487011.

Microsoft has followed its tradition to specify third Tuesday of the month for the release of the non-security cumulative update. Although these updates are termed as non-security, it is yet not clear that either security components are included in the update or not. 

Comment down below if you have faced any pre and post-installation issues while installing KB4487011 and KB4487006.

Email notification and Patch Stop Time?

I need a solution

Hi, I have some questions whether is it possible to set up email notifications for the following scenarios:

  • Agent status change
  • Results of patch pushing

as well as is it possible to specify the stop time for patches that taking more than x amount of time to install? I saw a setting on Windows Remediation with a Terminate after field but I am unsure whether it is the correct setting that I am looking for.

Thanks in advanced.

0

Related:

  • No Related Posts

Windows 7 extended support

I need a solution

All,

  curious if anyone has any idea on if Symantec is going to be able to support patching for the customers that pay for extended support.

for WinXP it SUCKED.. royally was horrible for me… i had to basically do a custom filter to target my machines, create software then policy to deploy it.. FOR EVERY PATCH!!!!! i think i did an article for it as well but come Win7, I think there are so many more variants that it would take days to do…

anyone else in this situation?

0

Related:

  • No Related Posts

Driver Disk for Microsemi smartpqi 1.1.2-125 – For XenServer 7.1

Who Should Install this Driver Disk?

Customers running Citrix XenServer 7.1.0 who use Microsemi’s smartpqi driver and wish to use the latest version of the following:

Driver Module Version
smartpqi
1.1.2-125

Issues Resolved In this Driver Disk

Includes general enhancements and bug fixes.

Firmware requirements for this Driver Disk

Please ensure that your hardware is running firmware versions greater or equal to the ones specified below, according to the chipset of your particular device:

  • Microsemi Adaptec SmartRAID 3100 Adapters with Firmware 1.32 [0]
  • Microsemi Adaptec SmartHBA 2100 Adapters with Firmware 1.32 [0]

Note: If your device has been branded by your OEM, please ensure that you consult them regarding the currently supported driver/firmware versions.

Installing the Driver Disk

Customers should use XenServer Command Line Interface (CLI) to install this update. Once the driver has been installed, the server must be restarted. As with any software update, Citrix advises customers to back up their data before applying this driver disk.

Please note that the attachment to this article is a zip file. It contains both the driver disk ISO mentioned below, and the source code for the driver. The zip file should be unzipped (to produce the driver disk ISO image), before carrying out the steps below. The source code ISO is not necessary for driver disk installation: it is provided to fulfill licensing obligations.

Installing as Part of a Clean XenServer Installation

  1. Once you have selected your keyboard layout at the first installer prompt, you will be presented with a welcome screen. At this point, press F9 on your keyboard, and insert the CD with the driver disk in it, or use one of the other methods such as installation over the network.

    Users should note that if installation over HTTP or FTP is to be used, the ISO image must be unpacked at that location (i.e. the installer expects to find the contents of the ISO at that network location, not the ISO itself).

  2. The installer will proceed to attempt to load the driver. If this is successful, you can continue with the installation as normal. Near the end of the installation, you will be prompted to re-insert the driver disk (otherwise known as a XenServer supplemental pack) so that the driver can be installed onto disk. You must re-supply the driver disk at this point. Failure to do so will mean that the installation will not contain the new drivers. After this step, no further action is required.

If the installer fails to load the new driver from the driver disk, it is likely to be because an earlier version of the driver has already been loaded. In general, this is because a hardware component is present that is supported by the version of the driver that ships as part of XenServer (even if another component is present that requires a newer version of the driver). To avoid the existing driver being loaded, use the following procedure.

  1. Reboot the host, leaving the XenServer installation CD-ROM in the drive.
  2. At the boot: prompt, type:

    shell

  3. You will now be presented with a command prompt. Type the following:

    rmmod smartpqi

    If this succeeds (i.e. there are no error messages printed), the installer’s versions of the drivers have been unloaded. If error messages are presented, it is likely that other drivers depend on one or more of the drivers you are attempting to unload. If this is the case, please contact Citrix Technical Support.

  4. Type

    exit

    or press Control+D on your keyboard, to return to the installer.

  5. Use the procedure described above to provide the driver disk to the installer, which should now load correctly.

Installing the Update by using the xe Command Line Interface

Perform the following steps to install the update remotely using the xe CLI:

  1. Download the update to a known location on a computer that has XenCenter installed.
  2. Upload the update:

    xe update-upload file-name=driver-microsemi-smartpqi-1.1.2_125.iso

    Note: The UUID of the update is returned when the upload completes.

  3. Apply the update:

    xe update-apply uuid=688d58e2-01e6-4852-a0c0-ef066e3c9756

  4. To complete the installation, restart the host. This ensures that the driver loads correctly.

Files

Update Files

Component Details
Filename driver-microsemi-smartpqi-1.1.2_125.iso
File sha256 9a83acbc02374efc7b5457ff9f32ff394bddd9f4d6e7afed616675f65f864d59
Source Filename driver-microsemi-smartpqi-1.1.2_125-sources.iso
Source File sha256 90901f2841b3402f892c78dcb1b626e15d8e63c442f43032f52ed1f3bcb6cc47
Zip Filename driver-microsemi-smartpqi-1.1.2_125.zip
Zip File sha256 b6d6137f194a37b69e38ce2b7ba12c56299edf81e0225c6cb1e60e7df43e7216
Size of the Zip file 0.12 MB

RPMs Provided

RPM Name
microsemi-smartpqi-1.1.2_125-1.x86_64.rpm

More Information

If you experience any difficulties, contact Citrix Technical Support.

For information on how to build driver disks, refer to Citrix XenServer ® 7.1 Supplemental Packs and the DDK Guide.

Related:

XenServer 7.1 Cumulative Update 2

Who Should Install This Cumulative Update?

XenServer 7.1 Cumulative Update 2 (XS71ECU2) must be installed by customers running XenServer 7.1 LTSR CU1. It includes all previously released XenServer 7.1 CU1 hotfixes. Installation of XS71ECU2 is required for all future functional hotfixes for XenServer 7.1 LTSR.

XenServer 7.1 Cumulative Update 2 and its subsequent hotfixes are available only to customers on the Customer Success Services program.

Citrix will continue to provide security updates to the base XenServer 7.1 CU1 product for a period of three months from the release date of the XenServer 7.1 Cumulative Update 2 (until March 12, 2019). After this three month period elapses, any new hotfixes released will only support XenServer 7.1 with CU2 applied.

For more information about XenServer 7.1 CU2, see the Citrix XenServer 7.1 Cumulative Update 2 Release Notes.

Information About this Cumulative Update

Component Details
Prerequisite
  • XenServer 7.1 CU1.

  • Licensed customer with Customer Success Service

Post-update tasks Restart Host
Content live patchable* No
Revision History Published on December 12, 2018
* Available to Enterprise Customers.

Included in this Cumulative Update

This cumulative update includes the following previously released hotfixes.

This cumulative update also includes additional fixes. For a list of the issues resolved by XenServer 7.1 CU2, see the Citrix XenServer 7.1 Cumulative Update 2 Release Notes.

Installing the Cumulative Update

Customers should use either XenCenter or the XenServer Command Line Interface (CLI) to apply this cumulative update. When the installation is complete, see the Post-update tasks in the table Information About this Cumulative Update for information about any post-update tasks you should perform for the update to take effect. As with any software update, back up your data before applying this update. Citrix recommends updating all hosts within a pool sequentially. Upgrading of hosts should be scheduled to minimize the amount of time the pool runs in a “mixed state” where some hosts are upgraded and some are not. Running a mixed pool of updated and non-updated hosts for general operation is not supported.

Note: The attachment to this article is a zip file. It contains the cumulative update update package only. Click the following link to download the source code for any modified open source components XS71ECU2-sources.iso. The source code is not necessary for cumulative update installation: it is provided to fulfill licensing obligations.

Installing the Cumulative Update by using XenCenter

Before installing this cumulative update, it is recommended that you update your version of XenCenter to the latest available version for XenServer 7.1 CU 2.

Choose an Installation Mechanism

There are three mechanisms to install a cumulative update:

  1. Automated Updates
  2. Download update from Citrix
  3. Select update or Supplemental pack from disk

The Automated Updates feature is available for XenServer Enterprise Edition customers, or to those who have access to XenServer through their XenApp/XenDesktop entitlement. For information about installing a cumulative update using the Automated Updates feature, seeApply Automated Updates.

For information about installing a cumulative update using the Download update from Citrix option, see Apply an updates to a pool.

The following section contains instructions on option (3) installing a cumulative update that you have downloaded to disk:

  1. Download the cumulative update to a known location on a computer that has XenCenter installed.
  2. Unzip the cumulative update zip file and extract the .iso file
  3. In XenCenter, on the Tools menu, select Install Update. This displays the Install Update wizard.
  4. Read the information displayed on the Before You Start page and click Next to start the wizard.
  5. Click Browse to locate the iso file, select XS71ECU2.iso and then click Open.
  6. Click Next.
  7. Select the pool or hosts you wish to apply the cumulative update to, and then click Next.
  8. The Install Update wizard performs a number of update prechecks, including the space available on the hosts, to ensure that the pool is in a valid configuration state. The wizard also checks whether the hosts need to be rebooted after the update is applied and displays the result.
  9. In addition, the Install Update wizard checks whether a live patch (this is an Enterprise Edition feature) is available for the cumulative update and if the live patch can be successfully applied to the hosts.

    Follow the on-screen recommendations to resolve any update prechecks that have failed. If you want XenCenter to automatically resolve all failed prechecks, click Resolve All. When the prechecks have been resolved, click Next.

  10. Choose the Update Mode. Review the information displayed on the screen and select an appropriate mode. If the update contains a live patch that can be successfully applied to the hosts, it displays No action required on the Tasks to be performed screen.
  11. Note: If you click Cancel at this stage, the Install Update wizard reverts the changes and removes the update file from the host.

  12. Click Install update to proceed with the installation. The Install Update wizard shows the progress of the update, displaying the major operations that XenCenter performs while updating each host in the pool.
  13. When the update is applied, click Finish to close the wizard.
  14. If you chose to carry out the post-update tasks, do so now.

Installing the Cumulative Update by using the xe Command Line Interface

  1. Download the cumulative update file to a known location.
  2. Extract the .iso file from the zip.
  3. Upload the .iso file to the Pool Master by entering the following commands:

    (Where -s is the Pool Master’s IP address or DNS name.)

    xe -s <server> -u <username> -pw <password> update-upload file-name=<filename>XS71ECU2.iso

    XenServer assigns the update file a UUID which this command prints. Note the UUID.

    1dbfd41c-a53d-41e7-aa64-a8f39e0baac8

  4. Apply the update to all hosts in the pool, specifying the UUID of the update:

    xe update-pool-apply uuid=<UUID_of_file>

    Alternatively, if you want to update and restart hosts in a rolling manner, you can apply the update file to an individual host by running the following:

    xe upload-apply host-uuid=<UUID_of_host> uuid=<UUID_of_file>

  5. Verify that the update was applied by using the update-list command.

    xe update-list -s <server> -u root -pw <password> name-label=XS71ECU2

    If the update is successful, the hosts field contains the UUIDs of the hosts to which this cumulative update was successfully applied. This should be a complete list of all hosts in the pool.

  6. If the cumulative update is applied successfully, carry out any specified post-update task on each host, starting with the master.

Files

Hotfix File

Component Details
Hotfix Filename XS71ECU2.iso
Hotfix File sha256 64b9d387cfc79fb97245a2425babaa4f46ccf9edf4730cde18fea7fe954a0f42
Hotfix Source Filename XS71ECU2-sources.iso
Hotfix Source File sha256 e46f7d3fb31b8e4bafcd5a49c06ce7b0d55f486489efd618514452aafb6c4305
Hotfix Zip Filename XS71ECU2.zip
Hotfix Zip File sha256 7cb0130b2ac64e4c5c7ccbe57ea232ff1224888b0a4848d20d8ca0674614ba08
Size of the Zip file 277.16 MB

Files Updated

biosdevname-0.3.10-3.x86_64.rpm
blktap-3.5.0-xs.1+1.0_71.1.2.x86_64.rpm
broadcom-bnxt-en-1.5.5.p1-1.x86_64.rpm
busybox-1.22.1-2.x86_64.rpm
ca-certificates-2015.2.6-73.el7.noarch.rpm
citrix-crypto-module-1.0.2n-11.x86_64.rpm
dracut-033-360.el7.centos.xs13.x86_64.rpm
dracut-network-033-360.el7.centos.xs13.x86_64.rpm
ethtool-4.5-3.el7.x86_64.rpm
forkexecd-1.1.2-2.el7.centos.x86_64.rpm
glibc-2.17-106.el7_2.4.x86_64.rpm
glibc-common-2.17-106.el7_2.4.x86_64.rpm
gpumon-0.4.0-3.el7.centos.x86_64.rpm
guest-templates-json-1.1.4-1.noarch.rpm
guest-templates-json-data-linux-1.1.4-1.noarch.rpm
guest-templates-json-data-other-1.1.4-1.noarch.rpm
guest-templates-json-data-windows-1.1.4-1.noarch.rpm
guest-templates-json-data-xenapp-1.1.4-1.noarch.rpm
host-upgrade-plugin-1.1.3.1-1.x86_64.rpm
intel-e1000e-3.4.0.2-1.x86_64.rpm
kernel-4.4.27-600.1.12.x86_64.rpm
kexec-tools-2.0.4-32.x86_64.rpm
kpatch-0.3.2-4.x86_64.rpm
kpatch-4.4.0+2-modules-0.3.2-4.x86_64.rpm
kpatch-modules-0.3.2-4.x86_64.rpm
linux-guest-loader-2.0.2-1.noarch.rpm
linux-firmware-20170622-3.2.noarch.rpm
linux-guest-loader-data-2.0.2-1.noarch.rpm
message-switch-1.4.1-2.el7.centos.x86_64.rpm
microcode_ctl-2.1-26.xs1.x86_64.rpm
ocaml-xenops-tools-1.0.1-5.el7.centos.x86_64.rpm
openssl-1.0.2k-8.el7.x86_64.rpm
openssl-libs-1.0.2k-8.el7.x86_64.rpm
openssl-perl-1.0.2k-8.el7.x86_64.rpm
openvswitch-2.3.2-24.1.3.1.x86_64.rpm
pbis-open-8.2.2-1.7.2.x86_64.rpm
pbis-open-upgrade-8.2.2-4.x86_64.rpm
qlogic-fastlinq-8.10.11.0.p1-1.x86_64.rpm
rrd2csv-1.0.2-3.el7.centos.x86_64.rpm
rrdd-plugins-1.0.4-4.el7.centos.x86_64.rpm
security-tools-1.0.1-1.x86_64.rpm
sm-1.17.0-xs.2+1.0_71.1.6.x86_64.rpm
sm-cli-0.9.8-2.el7.centos.x86_64.rpm
sm-rawhba-1.17.0-xs.2+1.0_71.1.6.x86_64.rpm
squeezed-0.13.2-2.el7.centos.x86_64.rpm
stunnel_xs-4.56-6.el7.centos.xs4.x86_64.rpm
tzdata-2018c-1.el7.noarch.rpm
v6d-citrix-10.0.9-1.el7.centos.x86_64.rpm
vendor-drivers-1.0.0-1.x86_64.rpm
vendor-update-keys-1.3.6-2.noarch.rpm
vgpu-7.1.0.1-1.x86_64.rpm
vhd-tool-0.11.4-2.el7.centos.x86_64.rpm
xapi-storage-0.9.0-3.el7.centos.x86_64.rpm
xapi-core-1.14.45-2.x86_64.rpm
xapi-storage-script-0.13.0-2.el7.centos.x86_64.rpm
xapi-tests-1.14.45-2.x86_64.rpm
xapi-xe-1.14.45-2.x86_64.rpm
xcp-networkd-0.13.6-2.el7.centos.x86_64.rpm
xcp-python-libs-2.0.5-2.noarch.rpm
xcp-rrdd-1.2.0-4.el7.centos.x86_64.rpm
xencenter-7.1.3.6923-1.noarch.rpm
xenopsd-0.17.12-2.el7.centos.x86_64.rpm
xenopsd-xc-0.17.12-2.el7.centos.x86_64.rpm
xenopsd-xenlight-0.17.12-2.el7.centos.x86_64.rpm
xenops-cli-1.0.2-3.el7.centos.x86_64.rpm
xenserver-docs-7.1.0-17.noarch.rpm
xenserver-firstboot-1.0.1.3-1.noarch.rpm
xenserver-pv-tools-7.2.101-1.noarch.rpm
xenserver-release-7.1.2-2.x86_64.rpm
xenserver-release-config-7.1.2-2.x86_64.rpm
xen-dom0-libs-4.7.6-1.26.x86_64.rpm
xen-device-model-0.10.2.xs-1.3.x86_64.rpm
xen-dom0-tools-4.7.6-1.26.x86_64.rpm
xen-hypervisor-4.7.6-1.26.x86_64.rpm
xen-libs-4.7.6-1.26.x86_64.rpm
xen-tools-4.7.6-1.26.x86_64.rpm
xsconsole-10.0.1-1.x86_64.rpm
xs-obsolete-packages-1-1.noarch.rpm

More Information

For more information, see the XenServer 7.1 Documentation.

If you experience any difficulties, contact Citrix Technical Support.

Related:

  • No Related Posts

XenServer 7.1 Cumulative Update 1

Who Should Install This Cumulative Update?

XenServer 7.1 Cumulative Update 1 (XS71ECU1) should be installed by customers running XenServer 7.1. It includes all previously released XenServer 7.1 hotfixes. Installation of XS71ECU1 is required for all future functional hotfixes for XenServer 7.1 LTSR.

XenServer 7.1 Cumulative Update 1 and its subsequent hotfixes are available only to customers on the Customer Success Services program.

Citrix will continue to provide security updates to the base XenServer 7.1 product for a period of three months from the release date of the XenServer 7.1 Cumulative Update 1 (until December 11, 2017). After this three month period elapses, any new hotfixes released will only support XenServer 7.1 with CU1 applied.

For more information about XenServer 7.1 CU1, see the Citrix XenServer 7.1 Cumulative Update 1 Release Notes.

Information About this Cumulative Update

Component Details
Prerequisite
  • XenServer 7.1

  • Licensed customer with Customer Success Service

Post-update tasks Restart Host
Content live patchable* No
Revision History Published on September 11, 2017
* Available to Enterprise Customers.

Included in this Cumulative Update

This cumulative update includes the following previously released hotfixes.

  1. CTX222368 – Hotfix XS71E001 – For XenServer 7.1
  2. CTX224279 – Hotfix XS71E002 – For XenServer 7.1
  3. CTX223285 – Hotfix XS71E003 – For XenServer 7.1
  4. CTX222843 – Hotfix XS71E004 – For XenServer 7.1
  5. CTX221590 – Hotfix XS71E005 – For XenServer 7.1
  6. CTX222424 – Hotfix XS71E006 – For XenServer 7.1
  7. CTX223290 – Hotfix XS71E007 – For XenServer 7.1
  8. CTX223858 – Hotfix XS71E008 – For XenServer 7.1
  9. CTX225676 – Hotfix XS71E009 – For XenServer 7.1
  10. CTX224899 – Hotfix XS71E010 – For XenServer 7.1
  11. CTX224691 – Hotfix XS71E011 – For XenServer 7.1
  12. CTX224697 – Hotfix XS71E012 – For XenServer 7.1
  13. CTX226298 – Hotfix XS71E013 – For XenServer 7.1
  14. CTX226299 – Hotfix XS71E014 – For XenServer 7.1

This cumulative update also includes additional fixes. For a list of the issues resolved by XenServer 7.1 CU1, see the Citrix XenServer 7.1 Cumulative Update 1 Release Notes.

Installing the Cumulative Update

Customers should use either XenCenter or the XenServer Command Line Interface (CLI) to apply this cumulative update. When the installation is complete, see the Post-update tasks in the table Information About this Cumulative Update for information about any post-update tasks you should perform for the update to take effect. As with any software update, back up your data before applying this update. Citrix recommends updating all hosts within a pool sequentially. Upgrading of hosts should be scheduled to minimize the amount of time the pool runs in a “mixed state” where some hosts are upgraded and some are not. Running a mixed pool of updated and non-updated hosts for general operation is not supported.

Note: The attachment to this article is a zip file. It contains the cumulative update update package only. Click the following link to download the source code for any modified open source components XS71ECU1-sources.iso. The source code is not necessary for cumulative update installation: it is provided to fulfill licensing obligations.

Installing the Cumulative Update by using XenCenter

Before installing this cumulative update, we recommend that you update your version of XenCenter to the latest available version for XenServer 7.1 CU 1.

Choose an Installation Mechanism

There are three mechanisms to install a cumulative update:

  1. Automated Updates
  2. Download update from Citrix
  3. Select update or Supplemental pack from disk

The Automated Updates feature is available for XenServer Enterprise Edition customers, or to those who have access to XenServer through their XenApp/XenDesktop entitlement. For information about installing a cumulative update using the Automated Updates feature, see the section Applying Automated Updates in the XenServer 7.1 Cumulative Update 1 Installation Guide.

For information about installing a cumulative update using the Download update from Citrix option, see the section Applying an Update to a Pool in the XenServer 7.1 Cumulative Update 1 Installation Guide.

The following section contains instructions on option (3) installing a cumulative update that you have downloaded to disk:

  1. Download the cumulative update to a known location on a computer that has XenCenter installed.
  2. Unzip the cumulative update zip file and extract the .iso file
  3. In XenCenter, on the Tools menu, select Install Update. This displays the Install Update wizard.
  4. Read the information displayed on the Before You Start page and click Next to start the wizard.
  5. Click Browse to locate the iso file, select XS71ECU1.iso and then click Open.
  6. Click Next.
  7. Select the pool or hosts you wish to apply the cumulative update to, and then click Next.
  8. The Install Update wizard performs a number of update prechecks, including the space available on the hosts, to ensure that the pool is in a valid configuration state. The wizard also checks whether the hosts need to be rebooted after the update is applied and displays the result.
  9. In addition, the Install Update wizard checks whether a live patch (this is an Enterprise Edition feature) is available for the cumulative update and if the live patch can be successfully applied to the hosts. For more information, see Live Patching in XenServer in XenServer 7.1 Installation Guide.

    Follow the on-screen recommendations to resolve any update prechecks that have failed. If you want XenCenter to automatically resolve all failed prechecks, click Resolve All. When the prechecks have been resolved, click Next.

  10. Choose the Update Mode. Review the information displayed on the screen and select an appropriate mode. If the update contains a live patch that can be successfully applied to the hosts, it displays No action required on the Tasks to be performed screen.
  11. Note: If you click Cancel at this stage, the Install Update wizard reverts the changes and removes the update file from the host.

  12. Click Install update to proceed with the installation. The Install Update wizard shows the progress of the update, displaying the major operations that XenCenter performs while updating each host in the pool.
  13. When the update is applied, click Finish to close the wizard.
  14. If you chose to carry out the post-update tasks, do so now.

Installing the Cumulative Update by using the xe Command Line Interface

  1. Download the cumulative update file to a known location.
  2. Extract the .iso file from the zip.
  3. Upload the .iso file to the Pool Master by entering the following commands:

    (Where -s is the Pool Master’s IP address or DNS name.)

    xe -s <server> -u <username> -pw <password> update-upload file-name=<filename>XS71ECU1.iso

    XenServer assigns the update file a UUID which this command prints. Note the UUID.

    5eea06f3-4990-497d-af7a-d0bba6f9f96a

  4. Apply the update to all hosts in the pool, specifying the UUID of the update:

    xe update-pool-apply uuid=<UUID_of_file>

    Alternatively, if you want to update and restart hosts in a rolling manner, you can apply the update file to an individual host by running the following:

    xe upload-apply host-uuid=<UUID_of_host> uuid=<UUID_of_file>

  5. Verify that the update was applied by using the update-list command.

    xe update-list -s <server> -u root -pw <password> name-label=XS71ECU1

    If the update is successful, the hosts field contains the UUIDs of the hosts to which this cumulative update was successfully applied. This should be a complete list of all hosts in the pool.

  6. If the cumulative update is applied successfully, carry out any specified post-update task on each host, starting with the master.

Files

Hotfix File

Component Details
Hotfix Filename XS71ECU1.iso
Hotfix File sha256 66a75cbddde0d6fb5712fa726c3e8e4505a9bde4a660618c247425aaddfa634b
Hotfix Source Filename XS71ECU1-sources.iso
Hotfix Source File sha256 6af223f7811cbea27c496c017bbf8940e022f98e5ea29125df40b2613b33eec0
Hotfix Zip Filename XS71ECU1.zip
Hotfix Zip File sha256 03c6765b1454176339a17373b35a682e191d2d103b0e5b14d9d94c9d069a6b90
Size of the Zip file 253 MB

Files Updated

blktap-3.5.0-xs.1+1.0_71.1.0.x86_64.rpm
control-XS71ECU1-1.0-1.noarch.rpm
device-mapper-1.02.107-5.xs+1.2.x86_64.rpm
device-mapper-event-1.02.107-5.xs+1.2.x86_64.rpm
device-mapper-event-libs-1.02.107-5.xs+1.2.x86_64.rpm
device-mapper-libs-1.02.107-5.xs+1.2.x86_64.rpm
forkexecd-1.1.2-1.el7.centos.x86_64.rpm
gpumon-0.4.0-2.el7.centos.x86_64.rpm
grub-2.02-1.xs18.x86_64.rpm
grub-efi-2.02-1.xs18.x86_64.rpm
grub-tools-2.02-1.xs18.x86_64.rpm
host-upgrade-plugin-1.1.3-1.x86_64.rpm
kernel-4.4.27-600.1.6.x86_64.rpm
lvm2-2.02.130-5.xs+1.2.x86_64.rpm
lvm2-libs-2.02.130-5.xs+1.2.x86_64.rpm
message-switch-1.4.1-1.el7.centos.x86_64.rpm
microcode_ctl-2.1-14.2.x86_64.rpm
ocaml-xenops-tools-1.0.1-4.el7.centos.x86_64.rpm
openssl-1.0.1e-51.el7_2.5.x86_64.rpm
openssl-libs-1.0.1e-51.el7_2.5.i686.rpm
openssl-libs-1.0.1e-51.el7_2.5.x86_64.rpm
openssl-perl-1.0.1e-51.el7_2.5.x86_64.rpm
openvswitch-2.3.2-24.1.2.0.x86_64.rpm
pbis-open-8.2.2-1.7.1.x86_64.rpm
pbis-open-upgrade-8.2.2-3.x86_64.rpm
rrd2csv-1.0.2-2.el7.centos.x86_64.rpm
rrdd-plugins-1.0.4-1.el7.centos.x86_64.rpm
sm-1.17.0-xs.2+1.0_71.1.1.x86_64.rpm
sm-cli-0.9.8-1.el7.centos.x86_64.rpm
squeezed-0.13.0-3.el7.centos.x86_64.rpm
systemd-219-19.el7_2.7.xs7.2.x86_64.rpm
systemd-libs-219-19.el7_2.7.xs7.2.x86_64.rpm
systemd-sysv-219-19.el7_2.7.xs7.2.x86_64.rpm
update-XS71ECU1-1.0-1.noarch.rpm
v6d-citrix-10.0.5-1.el7.centos.x86_64.rpm
vhd-tool-0.11.0-1.el7.centos.x86_64.rpm
wsproxy-1.1.0-1.el7.centos.x86_64.rpm
xapi-core-1.14.35-1.x86_64.rpm
xapi-storage-0.9.0-2.el7.centos.x86_64.rpm
xapi-storage-script-0.13.0-1.el7.centos.x86_64.rpm
xapi-tests-1.14.35-1.x86_64.rpm
xapi-xe-1.14.35-1.x86_64.rpm
xcp-networkd-0.13.4-1.el7.centos.x86_64.rpm
xcp-python-libs-2.0.2-1.noarch.rpm
xcp-rrdd-1.2.0-3.el7.centos.x86_64.rpm
xencenter-7.1.2.5459-1.noarch.rpm
xen-device-model-0.10.2.xs-1.2.x86_64.rpm
xen-dom0-libs-4.7.1-1.9.x86_64.rpm
xen-dom0-tools-4.7.1-1.9.x86_64.rpm
xengt-2.0.4-1.x86_64.rpm
xengt-userspace-2.0.4-1.x86_64.rpm
xen-hypervisor-4.7.1-1.9.x86_64.rpm
xen-libs-4.7.1-1.9.x86_64.rpm
xenops-cli-1.0.2-2.el7.centos.x86_64.rpm
xenopsd-0.17.10-1.el7.centos.x86_64.rpm
xenopsd-xc-0.17.10-1.el7.centos.x86_64.rpm
xenopsd-xenlight-0.17.10-1.el7.centos.x86_64.rpm
xenserver-docs-7.1.0-16.noarch.rpm
xenserver-pv-tools-7.1.54-1.noarch.rpm
xenserver-release-7.1.1-4.x86_64.rpm
xenserver-release-config-7.1.1-4.x86_64.rpm
xenserver-transfer-vm-7.1.2-2.noarch.rpm
xen-tools-4.7.1-1.9.x86_64.rpm

More Information

For more information see, the XenServer 7.1 Documentation.

If you experience any difficulties, contact Citrix Technical Support.

Related:

  • No Related Posts