System Manager: CVE-2014-3566 also known under the alias POODLE

Doc ID		SOLN264665
Version:		5.0
Status:		Published
Published date:		19 Jul 2016
Created Date:		03 Mar 2015

Author:

Gina Reda

Details

System Manager

Problem Clarification

CVE-2014-3566 also known under the alias POODLE

There are two RHSA’s released by Redhat for CVE-2014-3566:

RHSA-2014-1653 openssl security update in October 2014

RHSA-2014-1948 nss, nss-util, and nss-softokn security, bug fix, and enhancement update in December 2014

Cause

Security Vulnerability

Solution

ASA-2014-432 openssl security update (RHSA-2014-1653) MR: SMGR-29033 was released in System Manager 6.3.11. The ASA, release notes and RHSA links are below

ASA-2014-432
https://downloads.avaya.com/css/P8/documents/101001521

RedHat
https://rhn.redhat.com/errata/RHSA-2014-1653.html

Avaya Aura® System Manager 6.3.11 Release Notes

https://downloads.avaya.com/css/P8/documents/101004573

The fix for RHSA-2014-1948 was just released to Avaya Feb 9, 2015 from RedHat. The ASA-2015-012 nss, nss-util, and nss-softokn security, bug fix, and enhancement update link is below. There is no status or release date for the pending MR which is still being tested by the product house. Once the testing has been completed the MR will be applied to the next Service Pack scheduled for release.

https://downloads.avaya.com/css/P8/documents/101007345

Avaya -- Proprietary. Use pursuant to the terms of your signed agreement or Avaya policy