Attention, Linux users: Developers have just announced the discovery of a serious security flaw in the GnuTLS library, affecting many, many open source applications and software packages. This includes users of Red Hat, Debian, and Ubuntu, among many others.
Similar to the newly-discovered iOS security bug, the Linux bug leaves users vulnerable to eavesdropping. Because it causes errors in the verification of security certificates, the bug makes it easy for attackers to bypass SSL and TLS connections in any website or application that uses that particular library, allowing them to eavesdrop on—and decode— encrypted traffic.
Developers recommend that all users update GnuTLS to version 3.2.12.
For more information, see this article at arstechnica.com.