Tuesday, 4 November 2014

Fixes POODLE and SHA-2

Fixes for IBM Notes and Domino regarding POODLE and SHA-2 available

IBM has released interim fixes for IBM Notes and Domino tonight that address the POODLE and SHA-2 issues.

IBM Notes and Domino Wiki Article
IBM Domino Interim Fixes to support TLS 1.0 which can be used to prevent the POODLE attack

Installing this interim fix on your Domino server will enable TLS 1.0 across the following protocols: HTTP, SMTP, LDAP, POP3, IMAP & DIIOP. No additional configuration is required to set up TLS. With this interim fix, Domino servers previously configured for SSL will connect with browsers (and other SSL/TLS clients) that request a TLS connection using TLS 1.0. This interim fix also supports TLS_FALLBACK_SCSV to prevent the POODLE downgrade attack: Domino will not permit web browsers that also support TLS_FALLBACK_SCSV TLS to fall back to SSL V3.
This Domino interim fix is available on all platforms for the following releases: 9.0.1 FP2, 9.0, 8.5.3 FP6, 8.5.2 FP4, 8.5.1 FP5.

Interim Fixes for 9.0.1.x IBM Notes, IBM Domino & IBM iNotes

More information :

Planned SHA-2 deliveries for IBM Domino 9.x
Generating a SHA-2 Keyring file
IBM Notes Domino Wiki SHA-2
IBM Notes Domino Wiki TLS

No comments:

Post a Comment