The entire release notes list for 1.0.1 is always available at http://www.openssl.org/news/openssl-1.0.1-notes.html
For historical reasons, here's last version's post:
1.0.1j:OpenSSL 1.0.1k was released a few days ago, so everything has been upgraded again. Just to clarify, we are on the OpenSSL mailing list so we were made aware of it as soon as it was released, and we upgraded all the servers for it the same day. It's just this forum post that's coming out a little late, not the upgrade to 1.0.1k.
This version fixes the following vulnerabilities:
DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
no-ssl3 configuration sets method to NULL (CVE-2014-3569)
ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
DH client certificates accepted without verification [Server] (CVE-2015-0205)
Certificate fingerprints can be modified (CVE-2014-8275)
Bignum squaring may produce incorrect results (CVE-2014-3570)
More information is at http://openssl.org/news/secadv_20150108.txt
OpenSSL 1.0.1j was released about an ago. All the nodes have been upgraded to this version and the OpenVPN processes have all been restarted.
(OpenSSH has also been upgraded to 6.7p1 while we were in there too, just because, even though that's firewalled off).
OpenSSL version 1.0.1j fixes the following vulnerabilities:
SRTP Memory Leak (CVE-2014-3513)
Session Ticket Memory Leak (CVE-2014-3567)
SSL 3.0 Fallback protection (The POODLE thing [CVE-2014-3566], among others)
Build option no-ssl3 is incomplete (CVE-2014-3568)
For more information, visit https://www.openssl.org/news/openssl-1.0.1-notes.html