14 DAY TRIAL // On March 19, in a security notice Canonical published details about Apache HTTP Server vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems.
According to Canonical, several security issues were found and repaired in the Apache HTTP Server.
Niels Heinen discovered that multiple modules incorrectly sanitized certain strings, which could result in browsers becoming vulnerable to cross-site scripting attacks, when processing the output. This meant that a remote attacker could have exploited this problem in order to modify the contents, or steal confidential data (such as passwords), within the same domain.
For a more detailed description of the security problems, you can visit Canonical's security notification.
Users can simply fix the security flaws by upgrading the operating systems to the apache2.2-common package, specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.