A new bug in OpenSSL was found by Masashi Kikuchi of Lepidum. It affects all versions of OpenSSL earlier than 1.0.1. For details, please refer to: http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html and