A memory leak flaw was fix in the hostname TLS extension: https://github.com/openssl/openssl/commit/7587347bc48e7e8a1e800e48bb0a658f1557c424 This flaw was introduced with the backport of the TLS extension code first introduced in version 0.9.8k of openssl. Additional information: http://seclists.org/oss-sec/2015/q1/856
Statement: This issue did not affect any versions of OpenSSL as shipped with Red Hat Enterprise Linux 5, 6, and 7.