Ubuntu Security Notice 860-1 – Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user’s session.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/82799/USN-860-1.txt
Source: https://packetstormsecurity.com/files/82799/Ubuntu-Security-Notice-860-1.html