Hotfix XS82E025 – For Citrix Hypervisor 8.2

Who Should Install This Hotfix?

This is a hotfix for customers running Citrix Hypervisor 8.2.

All customers who are affected by the issues described in CTX316325 – Citrix Hypervisor Multiple Security Updates should install this hotfix.

Information About this Hotfix

Component Details
Prerequisite None
Post-update tasks None
Content live patchable** No
Baselines for Live Patch N/A
Revision History

Published on Jun 23, 2021

** Available to Enterprise Customers.

Issues Resolved In This Hotfix

This security hotfix addresses the vulnerabilities as described in the Security Bulletin above. In addition, it resolves the following issue:

  • On Windows VMs that boot in UEFI-enabled mode, Windows Update KB4535680 can sometimes fail to install.

    This hotfix fixes this issue for VMs created after the hotfix is applied.

    For existing VMs, after applying the hotfix and before attempting to apply the Windows Update, Complete the following steps to repair the VM:

    1. Shutdown the VM
    2. Run the following command in the dom0 console:
      varstore-sb-state <VM-uuid> setup

This hotfix also includes the following previously released hotfixes:

Installing the Hotfix

Customers should use either XenCenter or the Citrix Hypervisor Command Line Interface (CLI) to apply this hotfix. When the installation is complete, see the Post-update tasks in the table Information About this Hotfix for information about any post-update tasks you should perform for the update to take effect. As with any software update, back up your data before applying this update. Citrix recommends updating all servers within a pool sequentially. Upgrading of servers should be scheduled to minimize the amount of time the pool runs in a “mixed state” where some servers are upgraded and some are not. Running a mixed pool of updated and non-updated servers for general operation is not supported.

Installing the Hotfix by using XenCenter

Choose an Installation Mechanism

There are three mechanisms to install a hotfix:

  1. Automated Updates
  2. Download update from Citrix
  3. Select update or Supplemental pack from disk

The Automated Updates feature is available for Citrix Hypervisor Premium Edition customers, or to those who have access to XenServer through their Citrix Virtual Apps and Desktops entitlement. For information about installing a hotfix using the Automated Updates feature, see the Applying Automated Updates in the Citrix Hypervisor documentation.

For information about installing a hotfix using the Download update from Citrix option, see Applying an Update to a Pool in the Citrix Hypervisor documentation.

The following section contains instructions on option (3) installing a hotfix that you have downloaded to disk:

Follow the on-screen recommendations to resolve any update prechecks that have failed. If you want XenCenter to automatically resolve all failed prechecks, click Resolve All. When the prechecks have been resolved, click Next.

Note: If you click Cancel at this stage, the Install Update wizard reverts the changes and removes the update file from the server.

  1. Download the hotfix to a known location on a computer that has XenCenter installed.
  2. Unzip the hotfix zip file and extract the .iso file
  3. In XenCenter, on the Tools menu, select Install Update. This displays the Install Update wizard.
  4. Read the information displayed on the Before You Start page and click Next to start the wizard.
  5. Click Browse to locate the iso file, select XS82E025.iso and then click Open.
  6. Click Next.
  7. Select the pool or servers you wish to apply the hotfix to, and then click Next.
  8. The Install Update wizard performs a number of update prechecks, including the space available on the servers, to ensure that the pool is in a valid configuration state. The wizard also checks whether the servers need to be rebooted after the update is applied and displays the result.
  9. Choose the Update Mode. Review the information displayed on the screen and select an appropriate mode.
  10. Click Install update to proceed with the installation. The Install Update wizard shows the progress of the update, displaying the major operations that XenCenter performs while updating each server in the pool.
  11. When the update is applied, click Finish to close the wizard.
  12. If you chose to carry out the post-update tasks, do so now.

Installing the Hotfix by using the xe Command Line Interface

  1. Download the hotfix file to a known location.
  2. Extract the .iso file from the zip.
  3. Upload the .iso file to the main server of the pool by entering the following commands:

    (Where -s is the main server’s IP address or DNS name.)

    xe -s <server> -u <username> -pw <password> update-upload file-name= <filename>XS82E025.iso

    Citrix Hypervisor assigns the update file a UUID which this command prints. Note the UUID.

    6ecfda15-8d85-49e9-9685-cbc17b7d954b

  4. Apply the update to all servers in the pool, specifying the UUID of the update:

    xe update-pool-apply uuid=6ecfda15-8d85-49e9-9685-cbc17b7d954b

    Alternatively, if you need to update and restart servers in a rolling manner, you can apply the update file to an individual server by running the following:

    xe update-apply host= <server> uuid=6ecfda15-8d85-49e9-9685-cbc17b7d954b

  5. Verify that the update was applied by using the update-list command.

    xe update-list -s <server> -u root -pw <password> name-label=XS82E025

    If the update is successful, the hosts field contains the UUIDs of the servers to which this update was successfully applied. This should be a complete list of all servers in the pool.

  6. Use the update-pool-clean command to remove the update files from all servers in the pool. This command frees up space on shared storage and does not uninstall the update.

    xe update-pool-clean uuid=6ecfda15-8d85-49e9-9685-cbc17b7d954b

Hotfix Source

This source code is not necessary for hotfix installation: it is provided to fulfill licensing obligations.

Log in to verify download permissions

You must be logged in to your Citrix account to access the following link and to download the source code for any modified open source components XS82E025-sources.iso.

Files

Hotfix File

Component Details
Hotfix Filename XS82E025.iso
Hotfix File sha256 136b8bb5d345dcb80663dd6e02123dc5f06992d5560bd040fbc592ce78d3fd94
Hotfix Source Filename XS82E025-sources.iso
Hotfix Source File sha256 1613aeef2a86fcbdae55649af7a2944dfbe727da624bd2e3398aa04c82341d35
Hotfix Zip Filename XS82E025.zip
Hotfix Zip File sha256 072dbb6e55362ee25a801ccde81ec47ac2c6d80e227d4efb88ce0fd3d0b10dd9
Size of the Zip file 6.02 MB

Files Updated

qemu-2.10.2-4.5.4.x86_64.rpm
secureboot-certificates-0.5.0-1.x86_64.rpm
varstored-0.9.4-1.x86_64.rpm

More Information

For more information, see Citrix Hypervisor Documentation.

If you experience any difficulties, contact Citrix Technical Support.

Related:

  • No Related Posts

Leave a Reply