On May 10, in a security notice Canonical published details about a telepathy-idle vulnerability for its Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.
According to Canonical, telepathy-idle could have been made to expose sensitive information over the network.
It was discovered that telepathy-idle did not perform any server certificate validation when using SSL connections.
If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to alter or compromise confidential information.
The security flaws can be fixed if you upgrade your system(s) to the latest telepathy-idle package, specific to the distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. After the system update, you need to reboot your computer to make all the necessary changes.