The Heartbleed bug just doesn't quit. When Google announced it had patched its key services, it also mentioned Android was largely unaffected, with one (big) exception -- devices running Android 4.1.1.
The good news is Google has already sent a patch to its Android partners. The bad news? Now we have to wait for those partners to implement it, followed by carriers testing and pushing out the update. Android users know how slow this process can be. Hopefully with the critical nature of the Heartbleed bug, and the attention it's received, these partners and carriers will work quickly to get the fix out.
In the meantime, to verify if your Android device is at risk, security company Lookout has released a free app. The app, called Heartbleed Detector, scans your device and reports the results. I have yet to find a device that doesn't report that the offending version of OpenSSL is present, however if it isn't enabled, as in the photo above, then your device is not at risk.
Right now, if your device is affected, there's not much you can do other than wait for an update. You can typically check for updates by going into Settings > About > Software update.
Download Heartbleed Detector to check your device.