HP OpenVMS Enterprise Directory Release Notes Revision/Update Information: Version 5.6 ECO3 POODLE © Copyright 2015 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Intel and Itanium are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Contents 1 Before You Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1 New Features in This Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2 Problems fixed in This Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1 Before You Start  HP OpenVMS Enterprise Directory Version 5.6 ECO3 POODLE is primarily released to address the POODLE (CVE-2014-3566) vulnerability. Before installing this patch, you must ensure that HP OpenVMS Enterprise Directory Version 5.6 ECO3 is installed in the system, only then the patch can be installed.  If you use NCL Emulator to manage remote DSA, you must install this patch. If NCL Emulator is used to manage only local DSA, patch installation is not required.  In addition to the patch installation (if applicable), if you enable DSA to use SSL for secure communication, you must disable "SSLv3" and "SSLv23" protocols and enable only "TLSv1" protocol.  To start the NCL Emulator run the program at SYS$SYSTEM:DXD$NCL.EXE.  SET DSA LDAP SECURITY PROTOCOL <"SSLv3"/"SSLv23"/"TLSv1">  For more information on configuring SSL, see the section 2.6.3 in the HP OpenVMS Enterprise Directory 5.6 ECO3 Release Notes.  1.1 New Features in This Release  No new features are added in this release of Enterprise Directory.  1.2 Problems fixed in This Release  POODLE vulnerability: When NCL Emulator is used to manage remote DSA, NCL uses SSLV3 protocol to connect to CAED utility. It is now fixed so that NCL Emulator uses TLSV1 protocol to connect to CAED utility.