You can find new Version here: http://openssl.org/source/ – the packages for most linux distributions are probably in the work right now. (Check relevant links below)
As the website of OpenSSL doesn’t spit out the security advisory right now, here they are: openssl_secadv_20150319
The highest classified vulnerability is a DoS vulnerability in ClientHello which only seems to affect OpenSSL Version 1.0.2 – users should upgrade to 1.0.2a.
If a client connects to an OpenSSL 1.0.2 server and renegotiates with an invalid signature algorithms extension a NULL pointer dereference will occur. This can be exploited in a DoS attack against the server. – OpenSSL Announcement
In advance, they’re re-rated the issue “RSA silently downgrades to EXPORT_RSA” which is now high severity (previously low).