Vnunet is reporting that an antique update to the randomness engine has left Ubuntu and Debian users vulnerable for more than two years. The bug allows an attacker to predict the generated cryptographic keys.

Fortunately, a patch is available here: http://secunia.com/advisories/30231/