Ubuntu Security Notice USN-818-1 – Scott Cantor discovered that Curl did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/80427/USN-818-1.txt
Source: https://packetstormsecurity.com/files/80427/Ubuntu-Security-Notice-818-1.html