14 DAY TRIAL // Canonical has announced that an Apache Standard Taglibs vulnerability has been fixed for Ubuntu 14.10 and Ubuntu 14.04 LTS. This is not a major problem, but an update doesn't hurt.
Apache Standard Taglibs is the implementation of JSP Standard Tag Library (JSTL) and developer found that it didn't properly handle external XML entities. This problem has been corrected.
"David Jorm discovered that the Apache Standard Taglibs incorrectly handled external XML entities. A remote attacker could possibly use this issue to execute arbitrary code or perform other external XML entity attacks," reads the security advisory.
For a more detailed description, you can see Canonical's security notification. Users are advised to upgrade their systems as soon as possible, especially for the libjakarta-taglibs-standard-java and libjstl1.1-java packages. You can either upgrade Ubuntu with the regular tool or you can also use the terminal to upgrade the system. Just enter these commands in a terminal near you (root is required):
[CODE=0]sudo apt-get update sudo apt-get dist-upgrade[CODE=1
In general, a standard system update will make all the necessary changes. This is not a core component and it's not required to reboot the system in order to finish the updating procedure. The update is a small one and it shouldn't take too long, unless some other packages are also in the queue.