Eduserv has provided a security advisory giving information about the effect of the "Heartbleed" vulnerability on the OpenAthens product line. You can find the advisory here:
We will provide more information in the coming days describing remedial action to take if your system has been vulnerable, so that you can safely replace compromised private keys where appropriate.
Please contact the UK federation helpdesk (service at ukfederation.org.uk) if you have any additional questions about this advisory, or if you need help in determining whether your systems are vulnerable.
-- Ian Young, UK federation