For those searching for Official statements on the heartbleed Bug
An OpenSSL vulnerability was announced earlier this week in versions 1.0.1 and 1.0.2 of OpenSSL. This vulnerability is officially named “TLS heartbeat read overrun (CVE-2014-0160)” and has come to be colloquially named “The Heartbleed Bug”.
Affected Products and Versions
Platform 9.1.1065
SUA 9.1/SCA 1.4
OSD 3.3
Remote Control (TRC)
Unaffected Products
The following products are not affected by this vulnerability:
Mobile Device Management
Software Distribution
Server Automation
Patch Management
Power Management
Core Protection
Security Configuration Management
You will have to wait for an official statement from another source.
You will see in the forum that we know about an item. But not when it will be released in general because I don’t have that information to share and may not have the current plan.
You will see a note when it IS released if I have it. But you may see it sooner then I see it released because of my hours.
The fix has been released and you should see upgrade fixlets available.
Please pay close attention to the announcement as you will need to take other actions other than just upgrading to completely close off any potential exposure.