OpenSSL Heartbleed Vulnerability
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
What is OpenSSL Heartbleed
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
For more information please visit http://heartbleed.com/
What versions of the OpenSSL are affected?
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable
NONE: No releases of Cognos Analysis for Microsoft Excel, Business Viewpoint, Command Center, Controller, Disclosure Management, Finance, FSR, Incentive Compensation Management, Integration Server, Planning, Sales Performance Management, TM1, Concert or Clarity 7 are affected by this vulnerability