Heroku Product manager here, we're working as quickly as possible to assess and address all details around the issue. Three hours is our worst case to provide details as unfortunately is has been a slow evolving incident, though all hands are on deck and we're working to update status.heroku.com as broadly as possible as well as more direct channels.
What's exactly the problem? Could be fixed by either getting the latest package upgrades from you favorite distro or compile an old version yourself with a specific flag set as mentioned in the security report. Or are you behind some third-party SSL proxy that doesn't react that fast?