I was able to patch the service with a non-vulnerable openssl obtained from Red Hat rpms:
openssl-1.0.1e-16.el6_5.7.x86_64.rpm
openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm
It is necessary to extract the binary, libraries and creating the necessary symlinks:
/opt/hp/hpsmh # ll bin/openssl
-rwxr-xr-x 1 czkccz adminux 521472 Apr 15 10:00 bin/openssl
/opt/hp/hpsmh # ll lib/libssl.so*
lrwxrwxrwx 1 root root 16 Apr 15 10:06 lib/libssl.so -> libssl.so.1.0.1e
lrwxrwxrwx 1 root root 16 Apr 15 10:06 lib/libssl.so.1.0.0 -> libssl.so.1.0.1e
-rwxr-xr-x 1 czkccz adminux 441112 Apr 15 10:01 lib/libssl.so.1.0.1e
/opt/hp/hpsmh # ll lib/libcrypto.so*
lrwxrwxrwx 1 root root 19 Apr 15 10:09 lib/libcrypto.so -> libcrypto.so.1.0.1e
lrwxrwxrwx 1 root root 19 Apr 15 10:09 lib/libcrypto.so.1.0.0 -> libcrypto.so.1.0.1e
-rwxr-xr-x 1 czkccz adminux 1950976 Apr 15 10:08 lib/libcrypto.so.1.0.1e
lrwxrwxrwx 1 root root 19 Apr 15 10:10 lib/libcrypto.so.10 -> libcrypto.so.1.0.1e
/opt/hp/hpsmh #
I ran the script (https://github.com/noxxi/p5-scripts/blob/master/check-ssl-heartbleed.pl) to check and indicated that it is no longer vulnerable.
# /etc/init.d/hpsmhd start
Starting hpsmhd .. done
# ./ssl-hearbleed-check.pl -s 127.0.0.1:2381
...ssl received type=22 ver=0x301 ht=0x2 size=77
...ssl received type=22 ver=0x301 ht=0xb size=968
...ssl received type=22 ver=0x301 ht=0xe size=0
...send heartbeat#1
no reply - probably not vulnerable
#
I hope it will be useful, while a new hpsmh version is released.
Regards
Sergio Ramirez
GNU/Linux Team
HP Enterprise Services México