FreeBSD Project Information for VU#720951

OpenSSL TLS heartbeat extension read overflow discloses sensitive information

Status

Affected

Vendor Statement

FreeBSD 10.0-RELEASE, 10.0-STABLE and 11.0-CURRENT have been patched

for this issue (CVE-2014-0160/VU #720951), both in source and binary
(via freebsd-update) forms. Earlier FreeBSD releases are not affected
by this issue.

Vendor Information

Vendor References

http://www.freebsd.org/security/advisories/FreeBSD-SA-14:06.openssl.asc

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.