|Applies To||RSA Certificate Manager 6.8|
RSA Registration Manager 6.8
Sun Solaris 2.9
Remedy the SSLv3 and TLS renegotiation vulnerability CVE-2009-3555 for RCM and RRM
TLS protocols encounter session renegotiation vulnerability in SSL Authentication.
Prior to build520, Certificate Manager supported the SSLC library 2.3.3. RSA Certificate Manager 6.8 build520 supports SSLC library version 126.96.36.199.
SSLC 188.8.131.52 has the new feature "Transport Layer Security (TLS) Renegotiation Indication Extension" (RFC 5746) to address the SSLv3 and TLS renegotiation vulnerability (CVE-2009-3555) issue.
This problem is fixed in RSA Certificate Manager 6.8 build520 RSA Registration Manager 6.8 build520.
|Legacy Article ID||a55027|