Referenced CVEs:
CVE-2009-3555
Description:
===========================================================Ubuntu Security Notice USN-927-1 April 09, 2010nss vulnerabilityCVE-2009-3555===========================================================A security issue affects the following Ubuntu releases:Ubuntu 9.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 9.10: libnss3-1d 3.12.6-0ubuntu0.9.10.1After a standard system upgrade you need to restart your session to effectthe necessary changes.Details follow:Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3protocols. If an attacker could perform a man in the middle attack at thestart of a TLS connection, the attacker could inject arbitrary content atthe beginning of the user's session. This update adds support for the newnew renegotiation extension and will use it when the server supports it.
More...