Novell Messenger and the Poodle SSLv3 Vulnerability

  • 7015817
  • 22-Oct-2014
  • 14-Nov-2014

Environment

Novell Messenger 2.2

Situation

On October 14, 2014, Google announced the "POODLE" vulnerability in the SSLv3 protocol (see http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html for more information).

Resolution

Novell has released Messenger 2.2 Support Pack 2 Hot Patch 2 to address the POODLE vulnerability. That update is available on our Patch Finder website at this link: https://download.novell.com
 
 

Status

Security Alert

Additional Information

Bug          Component - Issue
==================================================================
901599     Misc - Update OpenSSL to 0.9.8zc
901602     Client Cross Platform - Update Java to 1.7u71 for linux client
902438     Archive Agent - NMAA cores and then won't start (coredump at every start).

Feedback service temporarily unavailable. For content questions or problems, please contact Support.