Heartbleed exlpained by Ernie Souhrada in context of upgrading or emailing your users of Apache, MySQL, and other software – http://www.mysqlperformanceblog.com/2014/04/09/heartbleed-separating-faq-from-fud/.
Ernie Souhrada does not give a yes-no checklist for reset password based on your Linux version but if you have the know-how, then you can figure out if you need to email every user to reset their password. Thank you Ernie! Our clients are patched and good for now as hackers try to break into bank accounts and other major corps.
This article helped me answer a couple questions (hence FAQ versus FUD).
Let me digress, I hate FUD (Fear-Uncertainty-Doubt). Political stances aside, there is way too much FUD these days with computer security. I want to spread anti-FUD and thus decrease the FUD population.
If your mind exploded, sorry. I try to make software easy to explain, Apple-pretty and rock solid. Software is very complicated. In the meantime, money hungry hackers in low-cost countries will try to maximize profits in the time they have so patch your servers.
Overall, seems like a huge gaping security hole for Open Source community, but I still put more trust in open source over closed source.