14 DAY TRIAL // Canonical has published details in a security notice about an NSS vulnerability in Ubuntu 14.10, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems. This problem has been corrected and an update has been issued.
A small update has been released for NSS (Network Security Service library), which could have been made to expose sensitive information over the network.
"It was discovered that NSS incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack," is noted in the announcement.
For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue. As usually, you can just run the Update Manager and let that application take care of everything. It should be fast, but it's not obligatory.
If you don't want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):
sudo apt-get dist-upgrade