a. Updated OpenSSL package for the Service Console fixes a security issue.
OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVP_VerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-5077 to this issue.
The following table lists what action remediates the vulnerability (column 4) if a solution is available.