Ernie Souhrada does not give a yes-no checklist for reset password based on your Linux version but if you have the know-how, then you can figure out if you need to email every user to reset their password. Thank you Ernie! Our clients are patched and good for now as hackers try to break into bank accounts and other major corps.
If your mind exploded, sorry. I try to make software easy to explain, Apple-pretty and rock solid. Software is very complicated. In the meantime, money hungry hackers in low-cost countries will try to maximize profits in the time they have so patch your servers.
Overall, seems like a huge gaping security hole for Open Source community, but I still put more trust in open source over closed source.