What gets me is that some are calling this a big folly for the open source world the thing is exploits like this are all over the place in both open and closed source software.
They just become big when developers dont patch in time or people dont do what they are supposed to do.
The issue with openSSL is its widespread use, and how many dont take action to patch it.
openSSL is underfunded and so bugs are going to come without proper developers, want to improve things become a developer.
The code is wide open.