Blog

IBM addresses Poodle and SHA-2 issues in new technotes


Tags :


IBM has addressed SHA-2 support and the Poodle vulnerability for IBM Domino in new technotes that were released. Here are the links and info.
Technote #1418982 titled Planned SHA-2 deliveries for IBM Domino 9.1

SHA-2 support for Domino 9.x is planned to be delivered over the next several weeks via an Interim Fix.

Technote #1687167 titled How is IBM Domino impacted by the Poodle attack?
IBM intends to release Domino server Interim Fixes over the next several weeks that implement TLS 1.0 with TLS_FALLBACK_SCSV for HTTP to mitigate against POODLE. Implementing TLS 1.0 will allow browsers to still connect to Domino after they have been changed to address the POODLE attack, and Domino will protect against browsers that have been compromised by POODLE. 
IBM will provide Interim Fixes

As you can see IBM will be making interim fixes that will need to be applied to your infrastructure. This includes HTTP traffic for XPages, Traveler, IBM Connections and everything else.  Many bloggers have info on what the impacts are unpatched.