Just in case you missed the Cert advisory, OpenSSL has another security advisory. https://www.us-cert.gov/ncas/alerts/TA14-290A Resolution: OpenSSL 1.0.1 users should upgrade to 1.0.1j. OpenSSL 1.0.0 users should upgrade to 1.0.0o. OpenSSL 0.9.8 users should upgrade to 0.9.8zc.
*** This bug has been marked as a duplicate of bug 525468 ***