OpenSSL released a security advisory on July 9th 2015: https://www.openssl.org/news/secadv_20150709.txt . Some wolfSSL embedded TLS users are probably wondering if similar security fixes are required in wolfSSL. The answer to that is no. Specifically, Alternative chains certificate forgery (CVE-2015-1793) is an OpenSSL implementation bug. Faulty logic allowed untrusted certificates to appear as trusted. Since wolfSSL, CyaSSL, and yaSSL embedded SSL libraries have a completely different code base from OpenSSL we do not share this defect.
Please contact wolfSSL by email at info@wolfssl.com, or call us at 425 245 8247 if you have any security related questions.