Mandriva has issued this advisory today (April 19):
Cauldron is not vulnerable (we already have 1.0.0i).
Patched package uploaded.
Updated openssl packages fix security vulnerability:
A potentially exploitable vulnerability has been discovered in
the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS
applications using the built in MIME parser SMIME_read_PKCS7 or
Updated packages in core/updates_testing:
Testing complete on i586 for the srpm
Testing using apache with https://localhost/,
kolab, and cyprus-imapd.
Tested OK x86_64 with the procedures on the wiki and apache
See comment 1 for advisory and srpm
Could sysadmin please push from core/updates_testing to core/updates