IBM addresses Poodle and SHA-2 issues in new technotes
Tags :Poodle SHA-2 SSL Domio 9
IBM has addressed SHA-2 support and the Poodle vulnerability for IBM Domino in new technotes that were released. Here are the links and info.
Technote #1418982 titled Planned SHA-2 deliveries for IBM Domino 9.1
SHA-2 support for Domino 9.x is planned to be delivered over the next several weeks via an Interim Fix.
Technote #1687167 titled How is IBM Domino impacted by the Poodle attack?
IBM intends to release Domino server Interim Fixes over the next several weeks that implement TLS 1.0 with TLS_FALLBACK_SCSV for HTTP to mitigate against POODLE. Implementing TLS 1.0 will allow browsers to still connect to Domino after they have been changed to address the POODLE attack, and Domino will protect against browsers that have been compromised by POODLE.
IBM will provide Interim Fixes
As you can see IBM will be making interim fixes that will need to be applied to your infrastructure. This includes HTTP traffic for XPages, Traveler, IBM Connections and everything else. Many bloggers have info on what the impacts are unpatched.
blog comments powered by Disqus
On Tuesday, October 21st, 2014 by Chris Miller