From: Blackboard/Courseinfo userslist [mailto:[log in to unmask]] On Behalf Of Melanie Barrand
Sent: 18 November 2015 09:43
To: [log in to unmask]
Subject: Re: TurnItIn and Security Advisory - LRN-86495 - Weak TLS Protocol Vulnerability

Hello Matt

 

Thanks for the info. We have CU3 (and the latest Building Blocks including LDAP) on our Testing environment. No problems so far with Turnitin. 

 

We are self hosted Blackboard Oct 14 with Turnitin Basic 2.6.6. Are you on Basic or Direct?

 

Best wishes

 

Melanie Barrand
eLearning (VLES) Team | University of Leeds

 

Website: www.leeds.ac.uk/vle

For the latest VLE news, hints, tips & updates visit our blog: http://vleservice.wordpress.com/,follow us on Twitter: https://twitter.com/leedsvlesupport or subscribe to the mailing list:http://www.leeds.ac.uk/vle/maillist/ 

Hi All

 

Just a warning to anyone that uses the TurnItIn Building Block with Blackboard.

 

You may have noticed that Blackboard announced “Security Advisory - LRN-86495 - Weak TLS Protocol Vulnerability in LDAP Authenticator (Java 7) Could Allow Information Exposure”  at https://blackboard.secure.force.com/btbb_articleview?id=kAA70000000CbBH just over a month ago.  We have been looking at implementing this. 

 

A very small note in the Blackboard instructions states “Clients should test this security patch with third party B2s. Due to the fact that Blackboard may be using different protocol versions, 3rd party B2s may be incompatible with the security patch.”

 

We have been contacting the companies from which we licence building blocks and TurnItIn have responded:

 

“I have be informed that our product team is working with Blackboard on this matter as it seems that when the new patch is installed we are blocking connections from Blackboard due to an incompatibility with some of the ciphers used.

It would be advisable to delay updating to this patch until a resolution have been found.”

 

Thought everyone that uses TurnItIn would want to be aware of that…

 

Cheers

 

Matt