Whomever has time first, openssl is compromised. The packages need updated and keys revoked. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160