Users are being urged to upgrade OpenSSL to prevent eavesdroppers listening to otherwise encrypted connections undermined through the LogJam vulnerability thought to be the NSA’s crypto-cracking tool of choice.
OpenSSL maintainers have patched seven vulnerabilities including the LogJam vulnerability (CVE-2015-4000) which allows attackers to trick browsers into considering an insecure encrypted connection as secure.