That's a pretty good analogy. It isn't too obvious from just looking at the diff, but once you
see the context you realize that they effectivly gutted ssleay_rand_bytes() and
ssleay_rand_add(), and apparently the fix only fixes one of those? So it looks like there is
still a problem.