Sorry guys, I just realized I should've posted this to the dev list
first, before/instead of putting it on the forums.
*I still have some of my private keys in plaintext. *I would guess that
BSDDB sometimes will "overwrite" data by just discarding a pointer to
the old data, and writing the replacement to a new location within the
file. In that case, examining the file with a BSDDB library tool is not
going to find this problem. You'll have to examine the raw binary file
as I did. Instructions for verifying this problem are in the post.
Can someone please verify that this is a real problem? (and should we
maybe remove my post until there's a remediation plan? This is problem
the best kind of problem to disclose after it's fixed)