There is a note for the graphical installers but not the same for binaries: NOTE: April 10, 2014: The installers for PostgreSQL 9.3.4-3, 9.2.8-3, 9.1.13-3, 9.0.17-3 and 8.4.21-3 have recently been updated to include a patch to address CVE-2014-0160, a TLS heartbeat read overrun issue in the OpenSSL library that is packaged in the installer.
Can you please let us know about the impact in case binaries are being shipped and SSL is off?