As you’ve probably heard all over the net, a vulnerability was found in a very popular and critical piece of software that a lot of sites on the net use. While we also use said piece of software, our version is a bit older and therefore we’re not affected by this bug. There is no need to change your password, unless you use a common password on any of these affected sites listed in the link above.
To get an idea of how serious this issue is, take a look at this stunning list of affected sites!
But, don’t take our word for it. Use this link to check to see if musicbrainz.org is affected.
Now go and change your passwords. NOW!
MetaBrainz Blog 
Is this the case for all MusicBrainz servers? E.g., is the CAA OK as well? I know we have a bunch of servers all at different versions – just want to make sure nothing was missed 🙂
All of the servers under our control are fine. We have only one SSL endpoint and that one is fine. Not so sure about Archive’s servers.
at least https://filippo.io/Heartbleed/#coverartarchive.org says it’s fixed or unaffected
yeeeargh: That’s a “server under our control”. It’s not the Archive.
https://filippo.io/Heartbleed/#ia701205.us.archive.org
still looking good though. but it can’t hurt to ask anyways.