With recent news of the Heartbleed bug and its associated vulnerability in the OpenSSL library, here is what you need to know about how it affects Zend Server:
On Linux systems, Zend Server uses the OpenSSL library provided by the operating system. Zend Server does not need to be updated, but please ensure your Linux system is properly updated so all services using OpenSSL (including Zend Server as well as potentially many others) are secure. If you have been using a vulnerable version of OpenSSL (1.0.1 through 1.0.1f inclusive) we highly recommend updating your security keys and passwords after updating the library.
On Windows, IBM i, and Mac OS X systems Zend Server uses OpenSSL 0.9.8, which is unaffected by this vulnerability.
If you have any questions, please don’t hesitate to contact Zend Support.