Novell GroupWise and the Poodle SSLv3 Vulnerability

Document ID:7015816
Creation Date:22-Oct-2014
Modified Date:09-Jan-2015
- Micro Focus Products:
  GroupWise

Environment

Novell GroupWise 8

Novell GroupWise 2012

Novell GroupWise 2014

Situation

On October 14, 2014, Google announced the "POODLE" vulnerability in the SSLv3 protocol (see http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html for more information).

Resolution

The fixes for the POODLE vulnerability are included in these GroupWise updates (available to download at https://download.novell.com/patch/finder). Please note that you will need to up date both client and server components to completely secure your GroupWise system:

GroupWise 8.0 SP3 Hot Patch 5

Groupwise 2012 Support Pack 3 Hot Patch 1

GroupWise 2014 Support Pack 1 Hot Patch 1

Status

Security Alert