An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.
The OpenSSL Project is a full-featured and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library managed by a worldwide community of volunteers.
Users of OpenSSL are advised to upgrade according to details found in the advisory.
Read OpenSSL Security Advisory here – http://www.openssl.org/news/secadv_20140605.txt