Archive

Archive for April, 2014

HP releases new Service Pack for ProLiant to fix Heartbleed bugs & Broadcom nic deaths

April 29th, 2014 No comments

HP has released a new version of its Service Pack for Proliant 2014.02.(B). (B) designates the new version

This update includes the fixes for Heartbleed as well as the bug that can fry your G2-G6 Broadcom Nics.

It looks as though HP has only released the Full ISO image and not the blade/rack mount versions. (Please HP can you rather create a Windows everything image and a RHEL everything one rather than segregating on blade/rack mount as well as Window/RHEL)

Fixes:

  • HP Onboard Administrator for Windows and Linux version 4.12 replaced 4.11
  • HP System Management Homepage for Windows and Linux version 7.3.2 replaced 7.3.1.4
  • HP Integrated Lights-Out 2 for Windows and Linux version 2.25 replaced 2.23
  • HP BladeSystem c-Class Virtual Connect Firmware, Ethernet plus 4/8Gb 20-port and 8Gb 24-port FC Edition Component for Windows and Linux version 4.10(b) replaced 4.10
  • HP Smart Update Manager version 6.3.1 replaced 6.2.0
  • HP Proliant G2-G6 Broadcom Comprehensive Configuration Management Firmware issue with version 7.8.21
Categories: HP Tags:

WARNING: HP G2-G6 server nics killed by firmware update in HP SPP 2014.02

April 25th, 2014 6 comments

UPDATE 29/04/2014

HP has released an updated HP Service Pack for Proliant which fixes the issue.


 

HP has released a very serious customer advisory saying that some Broadcom Nics which are used in G2-G6 servers and blades could be killed by a firmware update component in their HP Service Pack for Proliant 2014.02.

Using HPSUM, HP SPP or Smart Components for VMware to update the “Comprehensive Configuration Management” (CCM) firmware version to 7.8.21 can kill the nics which would require a hardware swap out to fix!

I would suggest immediately removing the update from HPSUM or the SPP.

If you absolutely need to update the firmware, you can run the component manually and chose not to update CCM.

Affected Nics:

Any HP ProLiant server with any of the following Broadcom Nics:

  • HP NC373T PCIe Multifunction Gig Server Adapter
  • HP NC373F PCIe Multifunction Gig Server Adapter
  • HP NC373i Multifunction Gigabit Server Adapter
  • HP NC374m PCIe Multifunction Adapter
  • HP NC373m Multifunction Gigabit Server Adapter
  • HP NC324i PCIe Dual Port Gigabit Server Adapter
  • HP NC326i PCIe Dual Port Gigabit Server Adapter
  • HP NC326m PCI Express Dual Port Gigabit Server Adapter
  • HP NC325m PCIe Quad Port Gigabit Server Adapter
  • HP NC320i PCIe Gigabit Server Adapter
  • HP NC320m PCI Express Gigabit Server Adapter
  • HP NC382i DP Multifunction Gigabit Server Adapter
  • HP NC382T PCIe DP Multifunction Gigabit Server Adapter
  • HP NC382m DP 1GbE Multifunction BL-c Adapter
  • HP NC105i PCIe Gigabit Server Adapter

HP SPP Components

Linux:

  • CP018941.scexe and CP018942.scexe – v2.9.21
  • CP021160.scexe and CP021161.scexe – v2.9.24
  • CP021536.scexe and CP021537.scexe – v2.9.26
  • CP021068.scexe and CP021069.scexe – v2.10.15
  • CP023112.scexe and CP023113.scexe – v2.10.16

Windows:

  • cp018467.exe and cp018468.exe – v4.0.0.22
  • cp021534.exe and cp021535.exe – v4.0.0.22 (B)
  • cp021547.exe and cp021547.exe – v 4.0.0.26

VMware:

  • CP019762.scexe – v1.0.21
  • CP021532.scexe – v1.0.21.3
  • CP021849.scexe – v1.1.10

Wow, that’s a big one, I thought the days of terrible Broadcom firmware updates were beyond us, I guess not!

Categories: HP Tags: , , ,

HP Server software affected by HeartBleed: OA, SUM, SMH & iLO

April 16th, 2014 4 comments

Heartbleed Bug

UPDATE 29/04/2014

HP has released an updated HP Service Pack for Proliant which contains the Heartbleed fixes.

UPDATE: 22/04/2014

A new issue has been spotted where although iLO devices are not affected by Heartbleed, running a vulnerability scanner against iLO and iLO2 ports can cause the device to lock up which requires you to physically remove the power or reset the blade to get back iLO functionality.

HP has also updated its advisories to include fixes for SMH, SUM and partly for OA.

 

 


 

The world has been scrambling to understand and mitigate the effects of the HeartBleed SSL vulnerability.

HP has released information about which of its server management products are affected by HeartBleed.

The good news is that the following products are NOT affected.

  • Virtual Connect
  • Integrated Lights Out (iLO) 2, 3, 4
  • HP Insight Control Server Provisioning
  • System Management Homepage (SMH) HP-UX
  • HP OneView
  • Systems Insight Manager
  • NonStop SSL
  • iTP WebServer for NonStop Servers
  • Onboard Administrator for NonStop Integrity Platforms
  • HP-UX
  • OpenVMS

The following products ARE affected and as yet there are no fixes.

Check back with the linked security bulletins or sign up to get HP Security Bulletin alerts at http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

HP System Management Homepage (SMH) Linux and Windows

HP has updated the advisory below with new versions of SMH

HPSBMU02998

The following versions are affected: 7.1.2, 7.2, 7.2.1, 7.2.2, 7.3, 7.3.1

No fix as yet, no suggestion from HP as to what to do, best not to access it then unless on a secure and isolated private management network.

If you’ve deployed HP agents to all your servers and include the SMH as is the default, get ready, you’re going to have to update all of your servers, if you thought your impact was limited, think again!

HP Onboard Administrator (OA)

HP has released a new 4.12 version, if you have 4.20 you can downgrade to 4.12 or wait for an update to 4.20. See the advisory below for the updated information.

HPSBMU02994

Versions 4.11 and 4.20 are affected, there is no fix as yet, the only current option is to downgrade your version.

HP Smart Update Manager (HP SUM)

HPSUM 6.3.1 has been released although the advisory has not yet been updated 

HPSBMU02997

Versions 6.0.0 through to 6.3.0 are affected, HP recommend limiting HP SUM usage to a secure and isolated private management network

Integrated Lights Out (iLO)

Document: c04249852

Although iLO devices are not affected by Heartbleed, there is another software bug which means if you run a vulnerability scanner against iLO and iLO2 ports it can cause the device to lock up which requires you to physically remove the power or reset the blade to get back iLO functionality. iLO3 and iLO4 are not affected.

Categories: HP Tags:

HP releases Virtual Connect 4.2, adds sFlow

April 14th, 2014 1 comment

HP has a minor but recommended update for its Virtual Connect firmware to 4.20 which adds sFlow monitoring support which didn’t make it into the final Virtual Connect 4.01 along with support for a new HP Virtual Connect FlexFabric-20/40 F8 Module.

Some of the older Virtual Connect switches are being retired from a software support perspective so be aware that beginning with VC 3.70, the HP 1/10Gb VC Enet Module (399593-B22) and the HP 1/10Gb-F VC Enet Module (447047-B21) are no longer supported. Beginning with VC 4.10, the HP 4Gb VC-FC Module (409513-B21) is no longer supported.

There are quite a few fixes in this release so make sure you read the Release Notes.

There is also a serious bug to do with file permissions which means the config may not be saved so ensure you have a look at OA Customer Advisory c02639172 to see if any changes you have made may not be kept.

If you have multiple enclosures linked together, you should NOT upgrade directly from VC 2.x but rather upgrade first to 3.7 or 4.1 and then on to 4.2. This is due to a big that can cause a network outage.

You will need to use the 1.9 Virtual Connect Support Utility update the firmware which was released last September.

Categories: Flex-10, HP Tags: , ,

VMware announces Horizon View 6 taking on Citrix XenApp with RDS Hosted Apps

April 9th, 2014 No comments

VMware has announced the latest version of their End User Computing product Horizon View.

There have been 5 major changes to Horizon View:

  • RDS Hosted Apps
  • Application Catalog Enhancements
  • Cloud Pod Architecture
  • Virtual SAN Support
  • vCOPS for View 6

RDS Hosted Apps

RDS Hosted apps will allow Horizon View clients to access applications and full desktops running on Windows Remote Desktop Services Hosts. This is big news as it gives VMware a competing product to Citrix XenApp.

image

For people who know about VDI, what is the difference? Well, VDI delivers an entire desktop to a particular user. This desktop is a whole virtual machine with an OS and applications. RDS (Remote Desktop Services) means using the capabilities of Microsoft RDS (previously Terminal Services) to allow multiple users to connect to a single OS but have separate private desktop instances and applications (the server doesn’t even have to be virtual but you’d be daft not to). With RDS you can display a full desktop but can also display just an application seamlessly without all the desktop stuff around it. You don’t need as many OS instances which means better resource utilisation as well as fewer Microsoft licenses.

Read more…

Categories: Citrix, View, VMware, XenDesktop Tags: , , ,