ASL customers are not effected by these OpenSSL vulnerabilities. Please see this URL for details, or the summary below:
Fix Use After Free for large message sizes (CVE-2016-6309) - This could lead to remote code execution on effected systems. ASL systems are already protected from this class of attack.
Missing CRL sanity check (CVE-2016-7052) - This could cause the application to crash, however platforms that use ASL are not using the effected version of OpenSSL.
Security annoucements of interest to the AtomiCorp community, such as vulnerabilities in third party applications.