14 DAY TRIAL // On September 23, in a security notice, Canonical published details about a pyOpenSSL vulnerability for its Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
According to Canonical, fraudulent security certificates could have allowed sensitive information to be exposed when accessing the Internet.
It has been discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could have exploited this problem in order to perform a “man in the middle” attack, to view sensitive information or alter encrypted communications.
For a more detailed description of the security problems, you can visit Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest python3-openssl and python-openssl packages, specific to each distribution. To apply the update, run the Update Manager application.
In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement the changes.