Most of them maybe, but the really good ones are not that. Computing science has very little to do with programming.

I don't know the ins and outs of H1B, but don't they usually require a master degree?

It obviously didn't stop OpenBSD. They were on 3.10 last time I checked,

You have plenty of documentation available on https://help.gnome.org/users/ and https://developer.gnome.org/.

You can't stop someone from using the software the way they want. That's an essential part of how free software works.

People have, it's called nss.

The important thing was that it wasn't Flash. ./ refused to give me anything but Flash until I did that.

It actually gave me a "less evil" .mp4 when I changed the user-agent string to "iPad".

If employers were allowed to fire people simply because they "didn't wanted them around" do you think we would end up in a good society?

Which contains the patch.
http://changelogs.ubuntu.com/c...

Make sure you restart the service. Any processes launched before installing the patch may still include the old version of the shared library.

OpenSSL 0.9.8 is still maintained. Version 0.9.8y came out about a year ago and 0.9.8za is currently in development.

And what would be an appropriate language for writing security-critical software?

It did affect your laptop, but it is patched if you have kept up with installing security updates. Ubuntu backports important fixes like this one but the version number will still be reported as the base version Ubuntu uses.

Unless you're running a custom version of OpenSSL, like the one on Debian. Ir reports itself as 1.0.1e, but is in fact a 1.0.1e with the specific bug fix backported.

That's absolutely not the case. OpenSSL has a stable ABI within each major release, like 0.9.8 or 1.0.1. This is no different from any other library. They have a slightly odd version scheme compared to most other libraries but that's about it.