I've got a personal server and a laptop running Ubuntu Hardy.  I've run 
full system updates including libssl, openssl, etc.

Crypto isn't really my thing, so I'm not sure all the places where this 
issue might have affected me.  After the update, I regenerated my host 
keys for openssh, the certificate used for courier-imap-ssl, and the 
self-signed cert I use for the web server.

What other steps might I need to take?  Are the things I've done so far 
sensible, or were they unnecessary?

thanks,
alex