From mboxrd@z Thu Jan 1 00:00:00 1970 From: The IPFire Project To: ipfire-announce@lists.ipfire.org Subject: IPFire 2.15 - Core Update 85 released Date: Sun, 19 Oct 2014 18:03:45 +0200 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1105943306959149163==" List-Id: --===============1105943306959149163== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit http://www.ipfire.org/news/ipfire-2-15-core-update-85-released This is the official release announcement for IPFire 2.15 – Core Update 85. It comes with security fixes for the SSL issue known as POODLE, which was recently discovered. POODLE (CVE-2014-3566) As there is no fix for POODLE, the OpenSSL developers applied a workaround called “Signaling Cipher Suite Value” (SCSV) that prevents protocol downgrade attacks (the downgrade dance) on the TLS protocol. More information about this mechanism can be found in the IETF draft [1] and more about POODLE can be found in the POODLE whitepaper [2]. As a precaution we disabled SSL 3.0 for the web administration interface. Accessing that will require you to use a recent browser and operating system that is able to use TLS 1.0 or a more recent version. We already made some experiences with this as our web and mail servers do not allow to use SSL 3.0 since a couple of weeks and there were absolutely no reports from people who are not able to access our websites. We recommend to install this update as soon as possible. After doing so, your system will need to reboot. Please support the IPFire project with your donation [3]. Your help is a foundation of this project and very much appreciated by all contributors. [1] https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 [2] https://www.openssl.org/~bodo/ssl-poodle.pdf [3] http://www.ipfire.org/donate --===============1105943306959149163== Content-Type: application/pgp-signature Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="signature.asc" MIME-Version: 1.0 LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogR251UEcgdjIKCmlRSWNCQUFC Q2dBR0JRSlVRK0RoQUFvSkVJQjU4UDl2a0FrSGNjRVFBSXlMby9qZFZDelNlN2h6d2NMaWFnYkIK RDNuYjUxWkk3clB1WEorRFAxSmhieS9kL0lWRDdUbmg0bEwvRVUwVTA1Z1U0TEdEbXhvUFNEVjRj dkxvekZIeQorMlJKUDIvME8rVjNENEdqMFdMbVd3V1pOcnVvSWwxd05udjdHams4NVFVblVpdW1D T3h2b1lZZzVEemcvbnhjCkR0Y2ovSUJac0dpUHEzeUNzK3lHdkRFOXBCaWhRZGtqeHZXTlpoK3dZ ZjVHcVVmR05GZDRhZVowTmN4NGVjcnEKcE8renV3UjM0OHdBT0FyR21waytocVh1S1RDdzRwTE1h MFQ1MXRVczlqczYxM2ViMFZGMkZnNFZVbkIzRlNXYQpmTHNKb21pd3E0L24xVXN2dS9qVU5tdjdB WExPdVpsZU45bE5VVmJreEQ0c055NjRLUUtMVXNTeU9RZVQzd0hhCkhKbWdUWE9oVSt0M0Mwamo2 MmtvQ2gyQTZZS3BDQlRsUzJHYTc3MExwMlhWYWtDNXBLN1FUNVhNcXVrZjZIWVUKdGZrc1M4TklR eUJtQ21zOHh5MWFvam4yaWRzQmI4TmxWR2VHR2lTMkZFMjZXamhYWlFRdGxxV1JQV2NHNWN2SQp1 Sk5tcFowOEsvM1FDV2J6VHJkVVdGbmIxK3FSM1BMeVRjWlYwSUVIbGRxV2NqdHNwanJmMWNNcjIv aldSeHJ4ClBkQ2VuaVNuNHVnZkpXVGJ6WmttcDg5emF5T1FjU29MK1VUVWQybGpPNnl3SDUzZ3pw a2xuRWtNUVJpNm4wT3MKekdyeWJqbWMxZzJjRndTY2MyVzVhOHl5RC9lMVRjTmR5Qmk1b3piUDE3 MlR5ZDZwazlvWDhpaHdVbTlIZ21qUAo0NGJTQmVhMjNyU2tkWXFCa3RobAo9STNINwotLS0tLUVO RCBQR1AgU0lHTkFUVVJFLS0tLS0K --===============1105943306959149163==--