TL;DR from the lead developer Rich Salz, on Twitter:

openssl 1.1.0a had a use-after-free bug in its fix. :( 1.0.2 had a crash in its fix. :( please update.

https://twitter.com/RichSalz/status/780383148236541953