In Win32/64 binary releases there are vulnerable OpenSSL DLL files. All users ar encouraged to upgrade to the latest version.
See vendor's advisory at http://www.openssl.org/news/secadv_20090325.txt.
All versions prior to 1.1.36 are affected by these security vulnerabilities. VooDoo cIRCle 1.1.36 binary relases for Win32/64 are not affected by these known security vulnerabilities. Versions using older OpenSSL library, though on any platform, or custom builds, are vulnerable, that is, either all binary-distributed versions of VooDoo cIRCle prior to 1.1.36, or those linked against OpenSSL library version prior to 0.9.8k are vulnerable by these vulnerabilities.
There is no known workaround at this time.
Update to the latest version, VooDoo cIRCle 1.1.36, which is not vulnerable.
2009-03-25 - Received notification from secunia.com that the same day OpenSSL vendor released new version of OpenSSL library 0.9.8k, which is not vulnerable by known vulnerabilities.
2009-03-26 - Release of VooDoo cIRCle 1.1.36 .
2009-03-26 - VooDoo cIRCle vendor security advisory: public disclosure: this security advisory.
2009-03-26 - Initial revision
2009-03-26 - Fixed HTML formatting error
Some names used in this document may be registered trademarks of their respective owners.