Posted: 2014-04-09

You have probably heard of it: there was a bug in OpenSSL, dubbed Heartbleed.

This seems to be quite a catastrophic bug, since it made it possible to obtain the private keys that belong to the SSL/TLS certificates, allowing eavesdropping on encrypted traffic.

Both Arch Linux and CentOS already had patches when I heard about the bug. My server is already patched. I also exchanged the certificates, and this time they aren't self-signed certificates. Now the certificates are signed by CAcert. I also configured my mail server and HTTP server properly this time (HTTP should use forward secrecy now, if possible), so things should be pretty safe now, at least on this server.

The next step for me will be exchanging passwords (and coming up with a new password formula). This is gonna be fun :/.