I belive this is already fixed :
rpm -q --changelog openssl|head
* lun. avril 07 2014 Tomáš Mráz 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension
* mar. janv. 07 2014 Tomáš Mráz 1.0.1e-16.4
- fix CVE-2013-4353 - Invalid TLS handshake crash
* lun. janv. 06 2014 Tomáš Mráz 1.0.1e-16.3
- fix CVE-2013-6450 - possible MiTM attack on DTLS1
* ven. déc. 20 2013 Tomáš Mráz 1.0.1e-16.2
Thanks