The ESM6.5c SP1 Patch1 info and Release Notes can be found here:
"A patch for ArcSight Express ESM 6.5c SP1 systems is available for download here.
This patch fixes a number of issues which are listed in the page references.Attached is the release notes which are included in the patch download. The issues addressed in this patch are:
Addresses critical issues in ESM 6.5c SP1.
Provides updates for geographical information and vulnerability mapping.
Provides the POODLE SSL fix. The POODLE attack (which stands for "Padding Oracle On Downgraded Legacy Encryption") is a man-in-the-middle exploit that takes advantage of Internet and security software clients' fallback to SSL 3.0. See http://en.wikipedia.org/wiki/POODLE for details."