OpenSSL before 0.9.8zc, 1.0.0o, or 1.0.1j are unpatched for the following vulnerabilities:
Memory leak in the DTLS SRTP extension parsing code that can be triggered during a handshake to cause a denial of service. (CVE-2014-3513)
Memory leak in the way SSL, TLS, and DTLS servers handle a session ticket that has failed to have its integrity properly verified (CVE-2014-3567)
The ‘no_ssl3’ build option is not properly honored, which can cause insecure SSL 3.0 handshakes (re: CVE-2014-3566) to be accepted. (CVE-2014-3568)
Binary data 8552.prm