According to both
https://www.ssllabs.com/ssltest/viewMyClient.html#1426607003103&frame_loaded
and
https://security-tracker.debian.org/tracker/CVE-2014-3566
Arora is vulnerable to the POODLE vulnerability. SSL Labs recommends disabling SSL 3 support & debian claims that current and past versions are still vulnerable (though the security impact is "unimportant" ).
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: arora 0.11.0+qt5+git2014-04-06-1 [modified: usr/share/applications/arora.desktop]
ProcVersionSignature: Ubuntu 3.19.0-9.9-generic 3.19.1
Uname: Linux 3.19.0-9-generic x86_64
ApportVersion: 2.16.2-0ubuntu3
Architecture: amd64
CurrentDesktop: GNOME-Classic:GNOME
Date: Tue Mar 17 11:48:28 2015
EcryptfsInUse: Yes
InstallationDate: Installed on 2014-07-09 (250 days ago)
InstallationMedia: Ubuntu-GNOME 14.10 "Utopic Unicorn" - Alpha amd64 (20140708)
SourcePackage: arora
UpgradeStatus: No upgrade log present (probably fresh install)
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/