A new vulnerability called the CCS injection vulnerability (CVE-2014-0224) was discovered in the OpenSSL library. This vulnerability makes it possible to decrypt communication and tamper with the content.

In project Turris, we have already updated OpenSSL on all our servers, which is the most important step to protect our users, and are preparing an update for the routers which should be available tomorrow. Because an update was not yet present in the OpenWrt repositories, we have submitted a patch.