OpenSSL just released a new version of the popular SSL/TLS toolkit.

This release fixes 2 moderate and 6 low vulnerabilities. “Luckily”, both moderate vulnerabilities can only lead to Denial of Service. The other 6 low vulnerabilities are either difficult to exploit or of unknown impact so while you should update (as always) it appears for now that there is no need to rush with this upgrade.

More information is available at http://openssl.org/news/secadv_20150108.txt.