I tried fixing the heartbleed bug on my debian installation.
Most of the websites suggest, that updating to the newest Openssl release
fixes the problem.
Howevery, an "apt-get install openssl" did not fix the problem.
The test website http://filippo.io/Heartbleed/ said - still vulnerable, although
the newest openssl release was fetched by the apt command.
I found a more thoroughly explanation of a possible fix at: