CERT has released advisory TA04-078A which discusses several vulnerabilities in OpenSSL. I’ve seen quite a few update notices from the major Linux vendors (including Cygwin) so they’re convering it, the only thing that we have to do is install the updates.