What happened

The version of OpenSSL used by Bitcoin Core software version 0.9.0 and earlier contains a bug that can reveal memory to a remote attacker. See https://heartbleed.com/ for details.