Clients should be mostly safe from Heartbleed. Firefox, Opera, Chrome, Thunderbird, Internet Explorer don't use OpenSSL, and Apple's version of OpenSSL is not recent enough for it. The problem is the server side with all those web and application servers, proxy servers, etc. all using OpenSSL. It's the TLS heartbeat keep-alive code that is vulnerable. KeepassX does not fall into this category, fortunately.