When serious security problems in OpenSSL are discovered and corrected, the OpenSSL project issues a security advisory, describing the problem and containing a pointer to the fix.
If you think your have discovered a problem that has security implications then send details to firstname.lastname@example.org
The list below contains references where there is additional information on an issue which may assist OpenSSL users in understanding or responding to an issue.
|Date||Advisory||Description||CVE||Affected Versions||Fixed In Versions||Additional Information|
|07-Apr-2014||SECADV_20140477||TLS heartbeat read overrun||CVE-2014-1060|| OpenSSL-1.0.1a to OpenSSL-1.0.1f