I know that this issue has not much to do with Hiawatha (of course not, thanks to PolarSSL). But because it’s one of the most critical bugs in a long time, I’m using every means I can to inform as much people. A severe bug has been discovered in OpenSSL which allows an attacker to steal the private key. Yes, you’re reading that correctly.
More information about this bug can be found at http://heartbleed.com/
Test if your service is vulnerable via http://filippo.io/Heartbleed/
This requires action now! Also note that patching is not enough. It might be possible that your private key has already be stolen. The most nasty part about this bug is that a successful attack leaves no trace!