All the other supported Ubuntu distros have been affected by this problem

Jun 2, 2014 20:31 GMT  ·  By

Details about a GnuTLS vulnerability in Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems have been published by Canonical in a security notice.

It’s been a while since the last security update for the Ubuntu suite of Linux distributions and now the developers have closed a GnuTLS issue. It’s not a major problem, but it still needed fixing.

According to the security notice, “Joonas Kuorilehto discovered that GnuTLS incorrectly handled Server Hello messages. A malicious remote server or a man in the middle could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.”

For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue.

The flaw can be fixed if you upgrade your system(s) to the libgnutls26 specific to each distribution. To apply the patch, you can simply run the Update Manager application.

If you don't want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):

sudo apt-get update sudo apt-get dist-upgrade In general, a standard system update will make all the necessary changes and you won’t have to restart the computer.