In Win32/64 binary releases there are vulnerable OpenSSL DLL files. All users ar encouraged to upgrade to the latest version.
In-depth
See vendor's advisory at http://www.openssl.org/news/secadv_20090325.txt.
All versions prior to 1.1.36 are affected by these security vulnerabilities. VooDoo cIRCle 1.1.36 binary relases for Win32/64 are not affected by these known security vulnerabilities. Versions using older OpenSSL library, though on any platform, or custom builds, are vulnerable, that is, either all binary-distributed versions of VooDoo cIRCle prior to 1.1.36, or those linked against OpenSSL library version prior to 0.9.8k are vulnerable by these vulnerabilities.
Workaround
There is no known workaround at this time.
Solution
Update to the latest version, VooDoo cIRCle 1.1.36, which is not vulnerable.
Time line
2009-03-25 - Received notification from secunia.com that the same day OpenSSL vendor released new version of OpenSSL library 0.9.8k, which is not vulnerable by known vulnerabilities.
2009-03-26 - Release of VooDoo cIRCle 1.1.36 .
2009-03-26 - VooDoo cIRCle vendor security advisory: public disclosure: this security advisory.
Cahngelog
2009-03-26 - Initial revision
2009-03-26 - Fixed HTML formatting error
Legal notice
Some names used in this document may be registered trademarks of their respective owners.