Will someone from Liferay please issue a response?

Liferay itself does not contain OpenSSL, but many sites that use Liferay also use software to implement SSL that relies on OpenSSL, so depending on which version of OpenSSL you have, you might be vulnerable and need to update it (More information about how to know if you are affected and how to update is here). There's no patch for Liferay necessary though, just update OpenSSL and revoke/re-issue certs (and invalidate HTTP/HTTPS sessions, and so on, as described on the heartbleed page).

Liferay.com was also affected by this (see the Liferay security statement). The servers have all been updated, and we are in the process of revoking/re-issuing the SSL certs as an added precaution. There's no evidence of a breach (although this particular vulnerability doesn't leave a trace, so that's not saying much). Once the certs are updated (hopefully very soon, like in the next few days), you'll want to change your password (but not before that). We are going to send out more announcements once this is done instructing users of liferay.com what to do. I'll post here as well once it's done.