VMware has published a KB article and updated it with new information related to the patches for OpenSSL (aka Heartbleed) for VMware Products.
The list of VMware products affected are as follows and patches are going to be available by April 19th. The Horion DaaS and vCloud Hybrid Service remains unaffected.
- ESXi 5.5
- NSX-MH 4.x
- NSX-V 6.0.x
- NVP 3.x
- vCenter Server 5.5 (including VMware Big Data Extensions 1.x)
- vFabric Web Server 5.0.x – 5.3.x (For remediation details, see the Security Advisory on Critical Updates to vFabric Web Server document.)
- VMware Fusion 6.0.x
- VMware Horizon Mirage Edge Gateway 4.4.x (for specific remediation details, see VMware Security Advisory VMSA-2014-0004)
- VMware Horizon View 5.3 Feature Pack 1
- VMware Horizon View Client for Android 2.1.x, 2.2.x, 2.3.x
- VMware Horizon View Client for iOS 2.1.x, 2.2.x, 2.3.x
- VMware Horizon View Client for Windows 2.3.x
- VMware Horizon Workspace 1.0 (for specific remediation details, see VMware Security Advisory VMSA-2014-0004)
- VMware Horizon Workspace 1.5 (for specific remediation details, see VMware Security Advisory VMSA-2014-0004)
- VMware Horizon Workspace 1.8 (for specific remediation details, see VMware Security Advisory VMSA-2014-0004)
- VMware Horizon Workspace Client for Macintosh 1.5.1
- VMware Horizon Workspace Client for Macintosh 1.5.2
- VMware Horizon Workspace Client for Windows 1.5.1
- VMware Horizon Workspace Client for Windows 1.5.2
- VMware Horizon Workspace for Macintosh 1.8
- VMware Horizon Workspace for Windows 1.8
- VMware OVF Tool 3.5.0
- VMware vCloud Automation Center (vCAC) 6.x
- VMware vCloud Networking and Security (vCNS) 5.1.3
- VMware vCloud Networking and Security (vCNS) 5.5.1
There is also a long list of VMware products that are not affected by the bug and more information is available on the KB article.