Comment 3 for bug 1425171

The customer ran a scan and is requesting OpenSSL >= 1.0.1h to fix the following vulnerability:
* CVE-2014-0224

From their scan, it resulted that versions <1.0.1h may suffer also of:
* CVE-2010-5298
* CVE-2014-0195
* CVE-2014-0198
* CVE-2014-0221
* CVE-2014-3470

Vulnerabilities fixed in 1.0.1f:
* CVE-2014-0076