it was actually mentioned in the readme but i agree it could have been clearer that the previous hf isn't needed. in the readme there is a note in the resolved issues section that refers to the previous hf.
The OpenSSL library version 1.0.1h also contains the fix
for CVE-2014-0160 (OpenSSL Heartbeat vulnerability).
For more information on CVE-2014-0160, see
that is what hf 961473 was all about.