Great. So now there's a timing-based attack against both current OpenSSL versions: 0.9.6i and 0.9.7a. No replacement packages yet, but there is a patch and a proof of concept of the vunerability.
This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.