On May 3, 2016, OpenSSL 1.0.2h was released to prevent a MITM attacker from using a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI.
SafeLogic made updated builds available to our deployed customers the same day that the new version was released. (Note: SafeLogic’s CryptoComply modules do not include the exploitable code.)
You may download the updated binaries through the KNOWLEDGE BASE tab on SafeLogic's Support Portal.
Click here for more info on bug from OpenSSL