A vulnerability was discovered in openssl that causes a race condition within the TLS extension parsing code and which can be exploited to cause a heap-based buffer overflow . Packages for 2009.0 are provided as of the Extended Maintenance Program