A previous OpenSSL update has caused a few issues in Ubuntu

Jun 24, 2014 15:29 GMT

Canonical has published details about an OpenSSL regression in Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

Ubuntu developers made a small update to OpenSSL a while back, but it inadvertently introduced a regression. This latest update specifically addresses that regression.

According to the security notice, "USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL."

The initial notice stated that, among other problems, OpenSSL incorrectly handled invalid DTLS fragments. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This is just one of the issues fixed by the previous update, but only one regression was registered.

The issue can be fixed by upgrading your system(s) to the libssl1.0.0 package specific to each distribution. To apply the patch, you can simply run the Update Manager application and enter apt-get update and apt-get dist-upgrade from the terminal.

In general, a standard system update will make all the necessary changes, and you will have to reboot the system.

If you have problems updating the system, for whatever reason, Canonical provides a wiki with some instructions.