I’ll skip trying to re-explain everything and just link to: http://heartbleed.com/
The short version is that OpenSSL versions in the last ~2 years are vulnerable to having basically any confidential information stolen. Any exploited servers are vulnerable to having previously sniffed traffic decrypted, even after patching out the vulnerability. It is recommended that you regenerate your SSL private keys and certificates, even after patching, and revoke the previous certificates with your certificate authority.
All in all, very bad. Approximately 1/3 of the Internet is effected. FRII is advising all customers to take this extremely seriously (as we are) and take every precaution. FRII has already patched all potentially vulnerable portions of our infrastructure, and any potentially compromised certificates will be revoked and replaced as soon as possible.