Actually the good news is that 0.8.x is only vulnerable to the Heartbleed bug if you're using RPCSSL. If you've ever used the -rpcssl plus the -rpcallowip option when starting Bitcoin, then you should probably consider your wallet compromised to be safe. This means you should create a new wallet.dat file, send all your btc to it (via the network), and stop using all of your old addresses.

If you've never used those options, then you're safe from this particular bug.

Having said all that, it's still a good idea to upgrade anyways (and of course keeping up to date with all of your operating system updates is even more important).