About the E4_4_4_TLSv12_3 Patch
This patch addresses the following issues:
- Fixed a problem where attaching files to an email would fail occasionally (MIRA-55039).
- Vulnerability in SSLv3 (CVE-2014-3566) - Padding Oracle On Downgraded Legacy Encryption (POODLE) (MIRA-55087).
- TLSv1.1 and TLSv1.2 are available (MIRA-55089).
- Removed MD5 ciphers from SSL/TLS protocols (MIRA-55155).
- OpenSSL version mismatch (MIRA-55313, MIRA-55355).
NOTE:
- This patch restarts all the services.
- The patch can be removed (uninstalled).
- Patch removal also restarts all the services.
- Any previous version of the patch should be removed if it exists on the system.
Installing the Patch
To install this patch:
- Use a telnet client to connect to the administration command-line
interface on port 23 on your Mirapoint appliance.
- Log in as an administrator.
- Issue the following command:
Version
If the result returned is 4.4.4 or 4.4.5, you can install this patch.
- Install the E4_4_4_TLSv12_3 patch using the following CLI command:
Update Install ftp://ftp.mirapoint.com/pub/updates/E4_4_4_TLSv12_3
- After installing the patch, perform the following CLI command:
SSL NEWCERT 127.0.0.1
Always check the system log after installing a patch regardless of whether
installation succeeds or fails.