The POODLE flaw returns, this time hitting TLS security protocol.

Hi Guys,

Is there any security advisory from redhat about the new POODLE flaw? This time hitting TLS security protocol. Please see the forwarded message & article below.

---------- Forwarded message ----------
From: Ivan Ristic
Date: 9 Dec 2014 05:55
Subject: [Bulletproof TLS] New POODLE attack on TLS discovered
To: Albert Maclang
Cc:

Dear Albert Maclang,

There's a new SSL/TLS problem being announced today and it's likely to
affect some of the most popular web sites in the world, owing largely
to the popularity of F5 load balancers and the fact that these devices
are impacted. There are other devices known to be affected, and it's
possible that the same flaw is present in some SSL/TLS stacks. We will
learn more in the following days.

If you want to stop reading here, take these steps: 1) check your web
site using the SSL Labs test [1]; 2) if vulnerable, apply the patch
provided by your vendor. As problems go, this one should be easy to fix.

[1] SSL Labs Server Test
https://www.ssllabs.com/ssltest/

Related Article:

http://www.computerworld.com/article/2857113/the-poodle-flaw-returns-this-time-hitting-tls-security-protocol.html

Hope we get an advise from redhat security response team for possible mitigation.

Thanks.

Kind regards,
Albert