A newly discovered bug in OpenSSL, the open-source implementation of the SSL and TLS protocols that’s used to secure data sent between clients and servers. A man-in-the-middle attack could force servers and clients to use weak keys, which would allow attackers to decrypt traffic. The latest version of OpenSSL also patches five other vulnerabilities, some of which could be abused by attackers to create a distributed-denial-of-service attack. Thankfully, the newly disclosed vulnerability is not on a par with Heartbleed.”]
Source: https://www.healthcareinfosecurity.com/openssl-flaw-discovered-patch-now-a-6915