I did the POODLE vulnerability fix manually, and all seemed to go well. At least everything started back up (took a couple of times, but finally worked).
I had to go in and select the newsletter so I don't miss any update announcements. Wasn't easy to find, but found it here: https://accounts.zoho.com/u/h#setting/preference and checked "Updates to Products".
Please refer the below instructions for the POODLE vulnerability issue.
Note: The below steps can be done only with 90080 and above.
Kindly open the websettings.conf file (<DesktopCentral_Server>/conf folder) via text editor and make the below changes.
apache.sslprotocol=all -SSLv2 -SSLv3
apache.sslhonorcipherorder=on
apache.sslciphersuite=EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
Save the file and restart DesktopCentral service
Desktop Central product team is responsible for upgrading the Open SSL and Apache to the latest however we do it only after multiple tests.
We have already released the hotfix which has the fix for Apache and Open SSL however it will be released before this month end as newsletter build. We always deliver major fixes/features during end of every month. If you have subscribed for the newsletter, you should receive the same via email.
However in the meantime if any customer asks for the hotfix on urgent basis, we will send the steps/hotfix immediately.
Note: POODLE fix isn't integrated with our hotfix yet which is expected to be integrated in our upcoming releases.
Still no reply from @support on the severely old and vulnerable OpenSSL 1.0.1c in pgsql folder, or the potentially vulnerable version of PostgreSQL that it's packaged with.