Your Bitcoins may be considered compromised if:
- You used the payment protocol by clicking a bitcoin: link and a green payment box popped up.
- You used the rpcssl command-line option on any other version of Bitcoin Core (0.9.0 included)
If this is the case, you should move your Bitcoins to a different password encrypted wallet.
Anyone who compiled Bitcoin Core themselves or use Linux should update their system's version of OpenSSL.
Android version 4.1.1 is vulnerable to HeartBleed. If possible, update to a newer version of Android. People who are using Bitcoin Wallet on their Android device should update to at least version 3.45.
The HeartBleed bug is a vulnerability in OpenSSL where anyone can read the contents of the vulnerable computer. It is very simply explained in Friday's XKCD: