Information about a Recent Security Update

[Cory Zue]

Hi all,

Though this should not affect your projects, we wanted to be transparent about an update to CommCareHQ that we made today in reaction to a recent vulnerability discovered in a common security protocol. 

Because the update has the potential to affect how form submissions work, we've done our best to quickly test that submissions work properly across all devices. We don't anticipate that your project will be affected. However, we expect this could affect IE6 users, and it is possible that it may cause submission issues from older, untested phones.

Please reach out to commcareh...@dimagi.com if you believe this has caused any problems with your application or your phones.

For more information on the vulnerability (which has been named "POODLE"), you can refer to some of these sources:

Wikipedia: http://en.wikipedia.org/wiki/POODLE

Forbes: http://www.forbes.com/sites/jameslyne/2014/10/15/poodle-security-vulnerability-breaks-sslv3-secure-browsing/

Ars Technica: http://arstechnica.com/security/2014/10/ssl-broken-again-in-poodle-attack/

Best,

Cory

CTO, Dimagi