POODLE SSLv3 Security Vulnerability 22 Oct 14
We’ve written up some details of the POODLE SSLv3 security vulnerability over on the Brightbox Cloud blog.
In summary, we’re disabling SSLv3 and requiring TLS for our own services, such as our website and APIs. This won’t affect any of our customers (other than to increase security for them :)
We recommend that you do the same on your own servers, anywhere you don’t mind losing some backwards compatibility for older browsers. Otherwise, ensure you’ve applied the relevant
TLS_FALLBACK_SCSV security updates (available in Ubuntu and other Linux distros – just upgrade your openssl libraries).