OpenBSD just released a patch to stable version 5.4 in order to fix this.
Quote:
007: SECURITY FIX: April 8, 2014 All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents.
|
http://www.openbsd.org/errata54.html