SSL and TLS security flaw
Vulnerabilities that can cause Man in the Middle (MITM) attacks or Denials of Service have been resolved following the upgrade of the OpenSSL cryptographic library to version 1.0.1j. The list of these vulnerabilities is as follows:
- SRTP Memory Leak (CVE-2014-3513),
- Session Ticket Memory Leak (CVE-2014-3567),
- SSL 3.0 Fallback,
- Build option no-ssl3 is incomplete (CVE-2014-3568).