One of the many arguments Open Source advocates make is that OSS is more secure because “anyone and everyone” can review the source. This critical crypto bug in the GnuTLS library takes that idea out back and shoots it. Execution style.
(I’m not being critical of OSS. After all, I’m an OSS author and contribute to quite a few OSS projects. There are plenty of compelling arguments for OSS software, but increased security isn’t one of them.)
The Heartbleed vulnerability in OpenSSL adds a bit of fuel to this fire. 🙁