Last Updated on Oct 15, 2014 by Jeff Lew
PayPal has fixed a vulnerability in their payment system due to POODLE by removing the CURL SSL Option. All stores that accept PayPal are affected and will not be able to take payment via the PayPal modules unless the following code change is made:
Open includes/modules/payment/paypal/paypal_curl.php and find line 59:
CURLOPT_SSLVERSION => 3,
Change to:
//CURLOPT_SSLVERSION => 3,
If you need assistance with making this code change, please contact [email protected] and we’ll correct the issue for you today.
Update: this affects any script that uses the CURLOPT_SSLVERSION option and the recommended fix is to comment out that line completely from all scripts (i.e. PayPal, Authorize.net, Linkpoint, USPS, etc).
hi
We are using zen cart we got mail for paypal (28) SSL connection timeout in connection and we found the your page and we used but i getting the same of (28) SSL connection timeout could you please us
Regards
Murugan