OpenSSL patches two low and medium severity vulnerabilities that were discovered by using Googles open source OSS-Fuzz fuzzing service. The medium severity vulnerability tracked as CVE-2017-3736 was addressed with the release of OpenSSL 1.1.0g and 1.0.0m. The low severity issue is a low severity fix that could lead to an out-of-bounds (OOB) attack. The fix was developed by Rich Salz of the OpenSSL development team.”]
Source: http://securityaffairs.co/wordpress/65097/security/openssl-google-oss-fuzz-fuzzing.html

