About the D4_4_5_sslv3_option Patch
This patch addresses the following issue:
- Vulnerability in SSLv3 - Padding Oracle On Downgraded Legacy Encryption (POODLE) - CVE-2014-3566.
- The browser page may automatically close when you attempt to add an attachment to a message.
- This patch reboots the appliance.
- The patch can be removed (uninstalled).
- Patch removal also reboots the appliance.
Installing the Patch
To install this patch:
- Use a telnet client to connect to the administration command-line
interface on port 23 on your Mirapoint appliance.
- Log in as an administrator.
- Issue the following command:
If the result returned is 4.4.5, you can install this patch.
- Install the D4_4_5_sslv3_option patch using the following CLI command:
Update Install ftp://ftp.mirapoint.com/pub/updates/D4_4_5_sslv3_option
- After installing the patch, perform the following commands:
SSL NEWCERT 127.0.0.1
SSL SETVERSION "tlsv1"
Always check the system log after installing a patch regardless of whether
installation succeeds or fails.