The 6.2.1 release includes the following improvements and bug fixes regarding the POODLE
vulnerability for SSLv3:
This release introduces a new command line tool to address the POODLE vulnerability.
Note: The new pmx-force-ssl-mode tool will properly configure SSL for
both Postfix and Apache to address this vulnerability in PureMessage. For usage and options
please see the man page by typing man pmx-force-ssl-mode on your command
line.
A potential RPC call handling vulnerability has been fixed.
Updated miniserv.pl to disable SSLv3 (PMX-64).
Rebuilt PureMessage Sendmail package to disable SSLv3 (PMX-74).
Resolved Issues (6.2.1)
Resolved an issue where OpenSSL could warn about a missing configuration file (PMX-71).