The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
http://advisories.mageia.org/MGASA-2014-0165.html
http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=96db9023b881d7cd9f379b0c154650d6c108e9a3
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131221.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-April/131291.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136473.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00005.html
http://lists.opensuse.org/opensuse-updates/2014-04/msg00061.html
http://marc.info/?l=bugtraq&m=139722163017074&w=2
http://marc.info/?l=bugtraq&m=139757726426985&w=2
http://marc.info/?l=bugtraq&m=139757819327350&w=2
http://marc.info/?l=bugtraq&m=139757919027752&w=2
http://marc.info/?l=bugtraq&m=139758572430452&w=2
http://marc.info/?l=bugtraq&m=139765756720506&w=2
http://marc.info/?l=bugtraq&m=139774054614965&w=2
http://marc.info/?l=bugtraq&m=139774703817488&w=2
http://marc.info/?l=bugtraq&m=139808058921905&w=2
http://marc.info/?l=bugtraq&m=139817685517037&w=2
http://marc.info/?l=bugtraq&m=139817727317190&w=2
http://marc.info/?l=bugtraq&m=139817782017443&w=2
http://marc.info/?l=bugtraq&m=139824923705461&w=2
http://marc.info/?l=bugtraq&m=139824993005633&w=2
http://marc.info/?l=bugtraq&m=139833395230364&w=2
http://marc.info/?l=bugtraq&m=139835815211508&w=2
http://marc.info/?l=bugtraq&m=139835844111589&w=2
http://marc.info/?l=bugtraq&m=139836085512508&w=2
http://marc.info/?l=bugtraq&m=139842151128341&w=2
http://marc.info/?l=bugtraq&m=139843768401936&w=2
http://marc.info/?l=bugtraq&m=139869720529462&w=2
http://marc.info/?l=bugtraq&m=139869891830365&w=2
http://marc.info/?l=bugtraq&m=139889113431619&w=2
http://marc.info/?l=bugtraq&m=139889295732144&w=2
http://marc.info/?l=bugtraq&m=139905202427693&w=2
http://marc.info/?l=bugtraq&m=139905243827825&w=2
http://marc.info/?l=bugtraq&m=139905295427946&w=2
http://marc.info/?l=bugtraq&m=139905351928096&w=2
http://marc.info/?l=bugtraq&m=139905405728262&w=2
http://marc.info/?l=bugtraq&m=139905458328378&w=2
http://marc.info/?l=bugtraq&m=139905653828999&w=2
http://marc.info/?l=bugtraq&m=139905868529690&w=2
http://marc.info/?l=bugtraq&m=140015787404650&w=2
http://marc.info/?l=bugtraq&m=140075368411126&w=2
http://marc.info/?l=bugtraq&m=140724451518351&w=2
http://marc.info/?l=bugtraq&m=140752315422991&w=2
http://marc.info/?l=bugtraq&m=141287864628122&w=2
http://marc.info/?l=bugtraq&m=142660345230545&w=2
http://rhn.redhat.com/errata/RHSA-2014-0376.html
http://rhn.redhat.com/errata/RHSA-2014-0377.html
http://rhn.redhat.com/errata/RHSA-2014-0378.html
http://rhn.redhat.com/errata/RHSA-2014-0396.html
https://bugzilla.redhat.com/show_bug.cgi?id=1084875
https://cert-portal.siemens.com/productcert/pdf/ssa-635659.pdf
https://code.google.com/p/mod-spdy/issues/detail?id=85
http://seclists.org/fulldisclosure/2014/Apr/109
http://seclists.org/fulldisclosure/2014/Apr/173
http://seclists.org/fulldisclosure/2014/Apr/190
http://seclists.org/fulldisclosure/2014/Apr/90
http://seclists.org/fulldisclosure/2014/Apr/91
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/57347
http://secunia.com/advisories/57483
http://secunia.com/advisories/57721
http://secunia.com/advisories/57836
http://secunia.com/advisories/57966
http://secunia.com/advisories/57968
http://secunia.com/advisories/59139
http://secunia.com/advisories/59243
http://secunia.com/advisories/59347
https://gist.github.com/chapmajs/10473815
https://sku11army.blogspot.com/2020/01/heartbleed-hearts-continue-to-bleed.html
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html?sr=36517217
http://support.citrix.com/article/CTX140605
https://yunus-shn.medium.com/ricon-industrial-cellular-router-heartbleed-attack-2634221c02bd
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
http://www-01.ibm.com/support/docview.wss?uid=isg400001841
http://www-01.ibm.com/support/docview.wss?uid=isg400001843
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004661
http://www.debian.org/security/2014/dsa-2896
http://www.exploit-db.com/exploits/32745
http://www.exploit-db.com/exploits/32764
http://www.kb.cert.org/vuls/id/720951
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
http://www.openssl.org/news/secadv_20140407.txt
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html
http://www.securitytracker.com/id/1030026
http://www.securitytracker.com/id/1030074
http://www.securitytracker.com/id/1030077
http://www.securitytracker.com/id/1030078
http://www.securitytracker.com/id/1030079
http://www.securitytracker.com/id/1030080
http://www.securitytracker.com/id/1030081
http://www.securitytracker.com/id/1030082
http://www.ubuntu.com/usn/USN-2165-1
http://www.us-cert.gov/ncas/alerts/TA14-098A
http://www.vmware.com/security/advisories/VMSA-2014-0012.html