When I found out about DSA-1571, I immediately upgraded my openssl package and regenerated ssh keys.
In a few days I received notification from code.haskell.org admins, which informed me that my code.haskell.org account is blocked due to the compromised ssh key (they checked all keys against ssh blacklist, provided by Debian). I installed that blacklist too, and my key really appeared to be weak. I tried to regenerate keys several times, and all of them were in blacklist.
Finally I figured out the problem: I upgraded openssl, but didn't touch libssl and openssh packages. From the one point, it was my fault -- I didn't upgraded all vulnerable packages. From the other, this problem could be avoided by bumping dependency versions, so that leaving vulnerable versions would be unacceptable by package manager. In any case, today you cannot just rely on software writers and maintainers and feel secure.