The best way I've found to make sure you're not compromised on an Ubuntu droplet:
apt-get changelog openssl | grep 2014-0160
If you get a hit, the library you're currently using has updated to address heartbleed specifically. This approach is less error prone than library versions, because sometimes your OS provider will release a fixed version of the old library you were using.
Weirdly, I'm on Ubuntu 13.04, getting my updates directly from Ubuntu (rather than a DOcean mirror), and the apt-get update / apt-get upgrade cycle didn't fix it. I've only been toying with SSL for my site anyhow.