They didn't mention anywhere whether or not CVE-2015-0207 was patched, so I'm left to assume it's still vulnerable (but hopefully a patch is being written for it).
<i>> Log message: Fix several crash causing defects from OpenSSL.</i><p>Is there some reason they're obscuring the fact that these are security vulns? Trying to keep their 'street cred' intact? (undeadly.org even uses quotes around "crash-inducing" in their announcement, so it seems obvious this is unusual language)