The USN-3628-2: OpenSSL vulnerability is fixed automatically and installed on SecureDrop production instances. It will trigger the following OSSEC alerts and is expected.
OSSEC HIDS Notification. 2018 Apr 20 04:45:53 Received From: mon->syscheck Rule: 552 fired (level 7) -> "Integrity checksum changed again." Portion of the log(s): Integrity checksum changed for: '/usr/bin/openssl'