From Kerio more information about the Heartbleed bug

OpenSSL vulnerability CVE-2014-0160 (Heartbleed)

SummaryThe National Institute of Standards and Technology (NIST) has published a vulnerability to OpenSSL 1.0.1. Details regarding the vulnerability are available from the NIST website. The following Kerio products used the affected version of the OpenSSL library…

  • Kerio Connect 8.2.0 and higher
  • Kerio Control 8.2.0 and higher
  • Kerio Operator 2.2.0 and higher

Resolution

A fix is available for Kerio Connect as of version 8.2.4. You can download this release from the Kerio Website.

A fix is available for Kerio Operator as of version 2.2.5. You can download this release from the Kerio Website.

A fix for Kerio Control is expected to be released on April 10, 2014.

Additional information and security precautions can be found at the following location: http://goo.gl/filNif