On Wednesday, October 14th, a new vulnerability (CVE-2014-3566) was announced in the SSLv3 protocol.
After its announcement, we reviewed the severity and impact to Globus services, partner services and users. We have posted the details of our discoveries in our support forum and will continue to post updates as we learn more. Overall, our assessment for the severity of the impact for this issue is low. The forum post includes some recommended actions for administrators of Globus endpoints, and for Globus Toolkit services.
If you have any concerns about this issue, please contact our support team.