Since this bug came to light, there has been a lot written about it in both the popular and technical press (& blogs, websites etc). A simple search (for example on https://startpage.com/) will bring up pages of technical details.
From a practical point of view, the most important advice is change your passwords. However, before doing this make sure that the site have verified that they have addressed the bug. There’s no point in going through the exercise of changing a password on vulnerable site as the protections are not in place so a bit of forward planning is crucial.
Take a systematic approach to changing passwords
If you’ve been using the internet for any length of time (over a week), you will have probably registered on at least one site. If you’ve been using it any longer, you’ll have registered on multiple sites.