14 DAY TRIAL // Canonical said that a number of OpenSSL vulnerabilities have been found and fixed in its Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
The Ubuntu developers have integrated a few security fixes into OpenSSL, and users need to upgrade their systems to patch the problems.
“Adam Langley discovered that OpenSSL incorrectly handled memory when processing DTLS fragments. A remote attacker could use this issue to cause OpenSSL to leak memory, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS,” reads the security notice.
Also, “Ivan Fratric discovered that OpenSSL incorrectly leaked information in the pretty printing functions. When OpenSSL is used with certain applications, an attacker may use this issue to possibly gain access to sensitive information.”
These are just a couple of the vulnerabilities found and fixed, and for a more detailed description of the problems you can check Canonical's security notification. Users are advised to upgrade their systems as soon as possible.
The flaws can be fixed if you upgrade your system(s) to the latest libssl1.0.0 packages specific to each distribution. To apply the patch, run the Update Manager application.
In general, a standard system update will make all the necessary changes and it will be necessary to restart the system in order to finish the process.