Ubuntu Security Notice USN-704-1 – It was discovered that OpenSSL did not properly perform signature verification on DSA and ECDSA keys. If user or automated system connected to a malicious server or a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/73669/USN-704-1.txt
Source: https://packetstormsecurity.com/files/73669/Ubuntu-Security-Notice-704-1.html