2016-08-16 - OpenSSL Vulnerabilities
This vulnerability has no fix available at this time (other then mentioned patches below)
CVE-2016-2180 - OpenSSL is vulnerable to a denial of service, caused by an out-of-bounds read in the TS_OBJ_print_bio function.
xCAT uses OpenSSL for client-server communication but does not ship it. It is highly recommended to keep your OpenSSL levels up-to-date to prevent any potential security threats.