I do not need a solution (just sharing information)
Quick heads up, a vulnerability was announced yesterday for OpenSSL and registered under CVE-2014-0160:
https://www.openssl.org/news/secadv_20140407.txt
A SEPM on 12.1RU4a runs OpenSSL v1.0.1e and is presumably affected. I've not had a chance to check RU4MP1 yet.
As with the previous SEPM vulnerabilty, this should only really affect those who allow communications with external endpoints. If everything is internal, then your exposure will be limited.