!security - I'm feeling like I haven't been paying enough attention to the travails of openssl. Is the project just having a bad year? Is this normal? Is it time to switch to libressl or something else?

!security - I'm feeling like I haven't been paying enough attention to the travails of openssl. Is the project just having a bad year? Is this normal? Is it time to switch to libressl or something else?