When you think about operating system updates you probably do not think about the security team. Sure, there are security patches and such, but those are on the operations team and not really pushed out by the security team. Well, that is when they are done properly by the OS vendor.
It seems that someone may have found a way around at least one of the latest hot fixes for OpenSSL. According to some talk around the darker places on the internet, a rehash of metadata can allow a malicious individual to get around the latest hot fix designed to stop someone from bypassing the CA check in OpenSSL. The original flaw was found to exist during certificate validation. When OpenSSL checks the certificate chain it will try to build an alternate route if the first attempt fails. Due to a flaw in the way this is done can allow a “bad guy” to actually force some of the secondary checks to be bypassed and allow an invalid cert to pass.