Thank you for your reply.
I read Release notes of AMS 5.0.6.
"Bundled OpenSSL version has been updated to openssl-1.0.1h."
Isn't openssl-1.0.1h affected by following vulnerabilitys?
CVE-2014-3508,CVE-2014-5139,CVE-2014-3509,CVE-2014-3505,
CVE-2014-3506,CVE-2014-3507,CVE-2014-3510,CVE-2014-3511,
CVE-2014-3512
Thanks.