This statement gives the impression that the code was quietly fixed without disclosing the vulnerability. In reality, the fix was done on 5/23, but it was not rebased and committed to the public repo until the bug was formally announced and the updated releases were ready:
Author: Nikos Mavrogiannopoulos <firstname.lastname@example.org>
AuthorDate: Fri May 23 19:50:31 2014 +0200
Commit: Nikos Mavrogiannopoulos <email@example.com>
CommitDate: Thu May 29 19:00:01 2014 +0200
Prevent memory corruption due to server hello parsing.
Fantastic work, even if (s)he didn't find the vulnerability her-/himself.