We've had only one person four people call into support to ask this so far that I know of, but I figure I'll post this:
The LEM is safe from Heartbleed.
If you don't know what Heartbleed is, you ought to go find out, especially if you use any OpenSSL in your environment.
I ran the dpkg --list on my lab LEM for your benefit and to verify. The version in LEM 5.7 is:
As with many applications, if you're not on 5.7, you should upgrade to make sure you have the latest security patches and vulnerability fixes, as well as the newest and coolest features.
Status of different versions:
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable
Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.
The official SW post on Heartbleed, including all SW products and their status and what you need to do (which is generally "Nothing, take a deep breath, don't panic"), is here: SolarWinds Heartbleed impact roll-up - (Executive summary: Don't worry)
Thanks Curtisi, that's really helpful and succinct for anyone who may be concerned as to whether they are at risk or not.