On September 20th VMware has released VMware NSX Data Center for vSphere 6.4.3.
There were only three weeks between the release of 6.4.2 and the new 6.4.3. VMware fixes two discovered issues the express way.
Do you have to upgrade?
The first bug which is fixed an issue with SSO in environments with multiple PSCs. See VMware KB57770.
- Fixed Issue 2186945: NSX Data Center for vSphere 6.4.2 will result in loss of SSO functionality under specific conditions
NSX Data Center for vSphere cannot connect to SSO in an environment with multiple PSCs or STS certificates after installing or upgrading to NSX Data Center for vSphere 6.4.2.
Fixed in 6.4.3.
The second one is an issue with IPSets. Third party security products don’t get the IPSets reported. See VMware KB57834.
- Issue 2186968: Static IPset not reported to containerset API call
If you have service appliances, NSX might omit IP sets in communicating with Partner Service Managers. This can lead to partner firewalls allowing or denying connections incorrectly. Fixed in 6.4.3.
Do I have to upgrade? – It depends :)
If you are using third party security software like Palo Alto Networks or Checkpoint firewalls my answer would be – YES
If you are running 6.4.2 I would say – You don’t need to do it now.
Full release notes can be found here at vmware.com.