New version of OpenSSL closes security holes in ASN1 parser
Tavis Ormandy from the Google Security Team has notified the OpenSSL developers of a security hole in the current version of their open source library. The errors occur when parsing ASN1 data via the asn1_d2i_read_bio() function. According to the official OpenSSL advisory and Ormandy's message, the issue affects applications that process external X.509 certificates or public RSA keys.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump