HCL
Skip to main content  
 
   

ViewsUpcoming ReleasesWhat's NewSearch
  APARs
  Customer Priority
  Date modified
  Notes.ini settings
  Product area
  Platform
  Regressions (fixed)
  Regressions (identified)
  Release
  Security fixes
  ServiceNow Cases
  SPR
  Technical area
  Template fixes

Security fixes Recommended Release (14.0 FP3)

ExpandExpand


Hide details for  9.0.1 FP4 9.0.1 FP4
DKEN9RVQGDkyrtool import all sometimes reports "SECIssUpdateKeyringPrivateKey returned error 0x0720", "AVA separator not found" or "Syntax error in OID" when a...
KLYH9QKT4BNotes / Domino Support for TLS 1.2 (Transport Layer Security 1.2) with protocols: HTTP, SMTP, LDAP, POP3 & IMAP.
RGET9TSMKDAdd IP Information to HTTP Thread logs for SSL Handshake connections
MKIN9QHT5WPassing a directory to kyrtool will crash the tool
RKUR9PEDEBImplement HSTS (Http Strict Transport Security).This header informs supported browsers that the site should only be accessed over an SSL-protected...
DKEN9SSUR6Add more detailed logging for SSL/TLS connections to help in case of diagnose failed connections
KLYH9QKTBLAdded Perfect Forward Secrecy (PFS) via Ephemeral Diffie-Hellman (DHE) cipher specs for SSL/TLS
KLYH9UQJQNRemove RC4-SHA from the default cipher list for TLS 1.2
KLYH9URNFYTLS 1.2 Client handshake request rejected by Server if server certificate chain signature type not supported by the client
KLYH9QKTGHAdded SHA-256 cipher specs for increased security with TLS 1.2
KLYH9UFNWHNew notes.ini SSL_DISABLE_TLS_10 to support Disabling TLS1.0 for compliance reasons. Used in conjunction with existing DISABLE_SSLV3=1 allows you to...
TCHL9SST8VFixes security issue in NSD
KLYH9UPMR7Fixes Domino Server crash in kyr caching
KLYH9UBNGWAdd pinning to SHA-256 for TLS 1.2
LCHG9UPBFMIBMi:TLS1.2 support for system SSL on IBM i Domino
NEKO9VBUBY Fixes Domino failing when using DHE_RSA_WITH_AES_256_CBC_SHA or DHE_RSA_WITH_AES_128_CBC_SHA over SSLv3 when Domino is the client.
DKEN9VBLS5If the version of TLS requested by the client is higher than what the Domino server supports, Domino responds with the highest version that it...
DKEN9V6R82Logs error and returns a fatal alert If a remote TLS server selects an unsupported version. If DISABLE_SSLV3, SSL_DISABLE_TLS_12, or...
DKEN9UXNQXExpand DHE for SSL/TLS past 3072 bit by using ICC library to do the underlying modexp math. 4096 bit now enabled for DHE.
RPIN9V8HXKSupport added for DHE with Ys shorter than P when Domino is the client
PSIH9SSAHCRecommended security fix for Notes. See technote 1698994.
DKEN9VBRZ5Hardcode DH keysize used with DHE-RSA-AES128-SHA to 1024 for Java 6 compatibility
KLYH9TSMLARecommended security fix for IBM Notes & Domino to address BMP parsing attack: CVE-2015-1902 and CVE-2015-1903 (technote 1883245)
DKEN9SLU3YAdd support for OCSP stapling (TLS Certificate Status Request extension.) To enable, use Domino Server notes.ini variable: ...
WJWJ9X64RMFixes Domino Server crash in certain configs where keyfile specified does not exist, KYRCache is in use, and an SSL connection is...
SJAR9DNGDAFixes security vulnerability in the IBM Domino Web server.
KLYH9WYPR5
DKEN9X3SQJLower the priority of the DHE_RSA_WITH_AES_128_CBC_SHA (33) cipher
KLYH9T7N5HAddress IBM Domino SSLv2 Remote Execution Vulnerability - CVEID: CVE-2015-0134. Disabled SSLv2 by default as part of TLS 1.0 work....


ExpandExpand





  Document options
Print view

  Search
Search Advanced Search


 RSS feeds   RSS
Subscribe to the fix list


    About HCL Privacy Contact