OpenSSL today pushed out fixes for six security vulnerabilities – including a flaw that enables man-in-the-middle (MITM) eavesdropping on encrypted connections, and another that allows miscreants to drop malware on at-risk systems.A DTLS invalid fragment bug (CVE-2014-0195, affects versions 0.9.8, 1.0.0 and 1.0.1) can be used to inject malicious code into vulnerable software on apps or servers. DTLS is more or less classic TLS encryption over UDP rather than TCP, and is used to secure live streams of video, voice chat and so on.However an SSL/TLS MITM vulnerability (CVE-2014-0224, potentially affects all clients, and servers running 1.0.1 and 1.0.2-beta1) is...