14 DAY TRIAL // On March 14, Canonical published in a security notice details about a NSS vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.
According to Canonical, NSS could be made to expose sensitive information over the network.
Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in NSS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data.
For a more detailed description of the security problems, you can visit Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest libnss3 package, specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.