A new vulnerability that affected the Simple Streams packages has been found and corrected in Ubuntu 14.04 LTS and Ubuntu 15.04 by developers.
The issue that affected the simplestreams library has been corrected. From the looks of it, the applications that were using Simple Streams could have been made to crash or run programs if they received specially crafted network traffic. It's not a huge problem, but as usual, it's a good idea to upgrade.
"It was discovered that Simple Streams did not properly perform gpg verification in some situations. A remote attacker could use this to perform a man-in-the-middle attack and inject malicious content into the stream," is noted in the security notice.
More details about this issue can be found in the initial security notice. The problem can be easily solved if users upgrade to the latest lpython-simplestreams, simplestreams, python-simplestreams-openstack, and python3-simplestreams packages, specific to each distribution. Users can either use the automated process available in every Ubuntu version, or they can use the terminal. If they choose the terminal, they will need to enter the following commands (root is needed):
sudo apt-get dist-upgrade