Novell Data Synchronizer / GroupWise Mobile Service and Poodle SSLv3 Vulnerability

  • 7015791
  • 17-Oct-2014
  • 18-Feb-2015

Environment

Novell GroupWise Mobility Service 2.0
Novell Data Synchronizer Mobility Pack

Situation

On October 14, 2014, Google announced the "POODLE" vulnerability in the SSLv3 protocol (see http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html for more information).

Resolution

GMS 2.1 has been officially released which includes a fix to address a security vulnerability in the SSLv3 protocol:
https://download.novell.com/Download?buildid=M9FHAHTTc-s~

A fix is also available for GMS 2.0.1, please refer to Security Patch 1 to patch:
https://download.novell.com/Download?buildid=7Oi1UsDsieQ~

Status

Reported to Engineering
Security Alert