Ubuntu Security Notice 1937-1 – It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications…. Ubuntu Security Notice 1937-1 – It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

Read more http://packetstormsecurity.com/files/123105/USN-1937-1.txt