As reported in the press, the so-called “Heartbleed bug” has enabled the reading of private keys, security certificates, user names and passwords.
The OpenSSL versions in UCS are not affected by this security gap as all UCS 3 and older versions do not contain the code partition in question.
Further information can be found in the news section at: https://www.univention.com/univention-app-center-en/2014/04/heartbleed-bug-univention-products-concerned/