14 DAY TRIAL // Canonical has released details in a security notice about a few NSS vulnerabilities that have been identified and repaired in Ubuntu 15.04, Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS, operating systems.
NSS stands for Network Security Service library, and it's safe to say that it's a pretty important component. The fact that more than one vulnerability has been closed in this update makes this a necessary update, which should be performed as soon as possible.
According to the security notice, "Karthikeyan Bhargavan discovered that NSS incorrectly handled state transitions for the TLS state machine. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to skip the ServerKeyExchange message and remove the forward-secrecy property."
This is just one of the issues that have been found and fixed. For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct these issues.
The flaw can be fixed if you upgrade your system(s) to the latest packages specific to each distribution. To apply the patch, you can simply run the Update Manager application. In general, a standard system update will make all the necessary changes. Apps that use NSS, such as Evolution and Chromium, will have to be restarted.