OpenSSL released a security advisory on November 2, 2017, describing two vulnerabilities fixed in the newest releases [1].
Airlock WAF is not affected
Details:
CVE-2017-3736: Carry propagating bugs in a squaring and multiplication function. The vulnerability is very similar to CVE-2017-3732 and CVE-2015-3193 [2]. Exploiting the vulnerabilities is very difficult in general and even impossible in the context of Airlock WAF.
CVE-2017-3735: One-byte buffer overread vulnerability related to X.509 certificate processing. The criticality for Airlock WAF is negligible.
No action required.