14 DAY TRIAL // Canonical published details about the NSS vulnerability in its Ubuntu 13.10, Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
According to the company, NSS could have been made to expose sensitive information over the network.
It has been discovered that NSS incorrectly handled the TLS False Start feature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers.
For a more detailed description of the problems, you can see Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest libnss3 package specific to each distribution. To apply the patch, run the Update Manager application.
In general, a standard system update will make all the necessary changes and you will have to restart the system.