Kaspersky's Threatpost reports that Oracle employee Zhiang Wang introduced a patch to the Open Source socat utility which broke its security by changing a hard coded Diffie-Hellman prime number to a 1024 bit number that is not prime (archived). While substantial discussion is occurring around whether the change was introduced to create backdoor, the change as a point of fact broke the security promised by socat.