ExtremeSwitching (Other)

  • 1.  OpenSSL 3.0 Threats a.k.a POODLE

    Posted 12-18-2014 10:25
    VN-2014-003- Poodle - OpenSSL 3.0 Threat -CVE-2014-3566

    What about the 800series - that one isn't listed.

    IdentiFi Wireless - target release is 9.12.04 & 8.32.12 - both are out already but I don't see any information in the release notes that the bug is fixed.
    Also 9.15 is a higher version then 9.12 so is that fixed in 9.15?

    Thx,
    Ron


  • 2.  RE: OpenSSL 3.0 Threats a.k.a POODLE

    Posted 12-18-2014 14:14
    Let me ask around, Ron. I'll get back to you shortly.


  • 3.  RE: OpenSSL 3.0 Threats a.k.a POODLE

    Posted 12-18-2014 19:16
    Hi Ron,
    I consulted our vulnerability team and was informed that the 800-series fits in with the recommendations for the A,B,C,D,G-Series. I'm not sure why it wasn't explicitly listed in the VN posting.

    In regards to IdentiFi, the issue was resolved in 8.32.13 and 9.15.01. The 9.12 software stream is end-of-support and was replaced by 9.15. I've asked them to make sure the Release Notes get updated to include this information. Thanks for pointing it out!

    I hope this helps answer your questions.

    -Drew



  • 4.  RE: OpenSSL 3.0 Threats a.k.a POODLE

    Posted 12-18-2014 20:37
    Hi Drew,
    thanks for the clarification but unfortunately your post brought up some more questions...

    I'm very surprised that 9.12 is already end of support - the first 9.12 version was released only 6 month ago.

    Which brings me to a much more important question.... where could I find this information, how should a partner know which software release is supported and which is declared end of support by Extreme Networks.

    I'd call the GTAC every day but I think they are kind of busy with all the tickets that I've raised already.

    Ron