OpenSSL team has published a security advisory addressing OCSP stapling vulnerability. Incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message.
Recommended action: Users of OpenSSL should update to the OpenSSL 1.0.0d (or 0.9.8r) release, which contains a patch to correct this issue. If upgrading is not immediately possible, the source code patch provided in this advisory should be applied.
Copssh 4.0.4 security patch 100 will update your current OpenSSL binaries to version 0.9.8r. A service start is required. You can use command line switch '/S' for silent installation.
MD5 Signature:
c453f9b7de300c407a232a5f58983630 *Copssh_4.0.4_Security_Patch_100_Installer.zip
SHA256 Signature:
ffe1b8cd6a5d87d4da7579bf3d2094bb499b77d6596f7e112cbf933ac3faa3e5 *Copssh_4.0.4_Security_Patch_100_Installer.zip
Download: http://itefix.no/i2/download
