You wonder if you OS X have this OpenSSL vulnerability?
Well, normally NOT because it comes with OpenSSL 0.9.8y but if you have MacPorts, Homebrew or Fink installed, read on.

For this short tutorial I take Mavericks since it is the newest and MacPorts because I have it installed:

Check OpenSSL version:

fmbp:~ home$ openssl version
OpenSSL 1.0.1e 11 Feb 2013

Vulnerable but not the OS version because if we look better, it points out to the macports binary:

fmbp:~ home$ which openssl
/opt/local/bin/openssl

The OS version is here:

fmbp:~ home$ /usr/bin/openssl version
OpenSSL 0.9.8y 5 Feb 2013

Fortunately MacPorts have the latest version not impacted so you can fix this by just updating the package:

fmbp:~ home$ sudo port selfupdate
fmbp:~ home$ [color=green]sudo port upgrade openssl[/color] # or "sudo port -v upgrade outdated"
fmbp:~ home$ openssl version
OpenSSL 1.0.1g 7 Apr 2014

If you want to switch to the OS version, do the following commands:

Note: any update of your custom repository (like port upgrade openssl above) will revert this modification.

fmbp:~ home$ sudo mv /opt/local/bin/openssl /opt/local/bin/openssl.bad
fmbp:~ home$ sudo ln -s /usr/bin/openssl /opt/local/bin/openssl
fmbp:~ home$ openssl version
OpenSSL 0.9.8y 5 Feb 2013

Once fixed, it is recommended to take some further steps so read on about OpenSSL vulnerability and other valuable details here: http://tar.gz.ro/openssl-heartbleed.html
Of course, you can check also if MacPorts or whatever you use repository is updated with a non vulnerable version but I leave that to you.

The big problem with this vulnerability is the servers you are connecting to. Of course, it is not good to have a buggy version of OpenSSL so that is why the tutorial above but you better test with a simple perl script if your services, mail and web servers are vulnerable.
The script is written in python and available here: http://tar.gz.ro/openssl-heartbleed.html