perfsonar-announce - Fwd: TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack
Subject: perfSONAR Announcements
List archive
- From: Jason Zurawski <>
- To: perfsonar-announce <>,
- Cc:
- Subject: Fwd: TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack
- Date: Wed, 10 Dec 2014 15:29:22 -0500
Greetings; See below for a revised announcement on the POODLE vulnerability. The perfSONAR team has reviewed this note, and a related announcement from Redhat (https://access.redhat.com/security/cve/CVE-2014-8730), the upstream provider of the operating system that underpins the perfSONAR Toolkit. At this time there are no additional risks to operators of the perfSONAR toolkit. The packages that RHEL/CentOS are currently using for SSL are not at risk, and the perfSONAR Toolkit updates since the disclosure of POODLE have disabled the use of SSL version 3. We would like to take this opportunity to remind all users to keep their systems up to date, and we will continue to monitor this issue, and any others, that may come up. Thanks, and please relay any questions or concerns to the development team: ; -jason
|
- Fwd: TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack, Jason Zurawski, 12/10/2014
Archive powered by MHonArc 2.6.16.