The OpenSSL library version 1.0.2h-fips included in Splunk Enterprise 6.5.0 is affected by multiple vulnerabilities (OpenSSL 2016-09-22). Will the next Splunk Enterprise update version fix these security problems? And when will it be released? Thank you.
OpenSSL updates will be available in a maintenance release of Splunk Enterprise in line with past advisories listed on https://www.splunk.com/page/securityportal/. The most effective way to get status information is to open a support case to track your support request. If you don't have a support contract, escalate via the security portal.