(2015-05-11)
Poodle fixes for 5.0 and 5.2 firmwares:
config system global
set strong-crypto enable
endconfig vpn ssl settings
set sslv3 disable
end
Note that for rancid access of a firewall configured in this way you have to explicitly select a secure cypher suite:
add cyphertype fw-fortinet.domain.local aes256-ctr,aes128-ctr