Ubuntu Security Notice 929-1 – It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to dereference a NULL pointer when a user left the channel. A remote attacker could cause a denial of service via application crash. This update also adds SSLv3 and TLSv1 support, while disabling the old, insecure SSLv2 protocol.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88484/USN-929-1.txt
Source: https://packetstormsecurity.com/files/88484/Ubuntu-Security-Notice-929-1.html