With the GnuTLS bugfixes recently, I faced the issue to restart services that depended on it: After updating the library, daemons still run the old version until restarted.

I think I've seen this automated in some distribution, but it's nice to know where those tools fetch their data.

I also didn't want to restart them all automatically, so keep track of what's going on.

A bit of searching quickly provided the following solution:

$ sudo grep "(deleted)" /proc/*/maps

This provides a list of deleted files that are still in use. Filter as necessary for the library you care for.

The output contains the PID of the processes in question (/proc/$pid/maps). Use ps to figure out which processes these are and restart them.

tl;dr: Updating packages is not enough, especially with security bugs. Always check if you need to restart any dependent services, too.