I just discovered this now and
yum info openssl
That's not responsible at all, IMO. Whoever was in charge of this (NCSC-FI?) isn't very good at coordinating.
https://bugzilla.redhat.com/show_bug.cgi?id=1084875
I just discovered this now and
Yields 1.0.1e as available package which is vulnerable. I guess not all "stakeholders" have been warned properly - or am I jumping to conclusions?