Big bad decryption bug in OpenSSL – but no cause for alarm

The buggy code’s in there, alright. Fortunately, it’s hard to get OpenSSL to use it even if you want to, which mitigates the risk.