How do I patch/workaround SSLv3 POODLE vulnerability (CVE-2014-3566)?After the BEAST attack and Heartbleed bug, now I've heard about a new vulnerability in SSL/TLS called POODLE. How do I protect myself against being exploited? Are only servers or also clients affected? Is this OpenSSL/GnuTLS specific? What kind of services are affected? Only HTTPS or also IMAPS, SMTPS, OpenVPN, etc.? Please show me examples on how to avoid this vulnerability.
