As reported in the press, the so-called “Heartbleed bug” has enabled the
reading of private keys, security certificates, user names and
passwords.
The OpenSSL versions in UCS are not affected by this security gap as all
UCS 3 and older versions do not contain the code partition in
question.
Further information can be found in the news section at: https://www.univention.com/univention/news/news-releases/news-details/uni/2014/04/28/heartbleed-bug-univention-products-not-concerned/