I doubt it, the heatbleed issue is with OpenSSL which is a common add on part of e-commerce sites and not the encrypted ttls interface of the Tivo. And even if it was, you Tivo is local to your home network and unless a hacker has gained access to the internal home network, they would be targeting your PC were you might be logging into things like email and online banking. There isn't a lot of sensitive data involved with your Tivo box it's self shy of your MAK. As long as your Tivo isn't accessible directly on the Internet, there shouldn't be any reason to worry.
If I understand correctly, the reason for SSL encryption on the Web interface is to keep the recordings transfers more secure so one can't circumvent the recordings encryption, while the .Tivo file are encrypted, the enterface to transfer them requires a secure http interface too.
TiVo Roamio Pro
TiVo Mini (three)