OpenSSL vulnerability in Debian Etch and Ubuntu

A vulnerability involving predictable random numbers has been discovered in the OpenSSL packages included with Debian Etch and Ubuntu systems. This vulnerability affects all software that uses SSL/TLS encrypted connections, including Citadel.

Please see http://lists.debian.org/debian-security-announce/2008/msg00152.html for more detailed information.

In order to patch the OpenSSL vulnerability, issue this command:

apt-get update; apt-get upgrade

Afterwards, you should regenerate your private keys in SSL/TLS-enabled applications, such as Citadel. The procedure for doing so on a Citadel installation using the Debian package is:

rm -f /etc/ssl/citadel/*

For an Easy Install system, it is:

rm -f /usr/local/citadel/keys/*

Then restart Citadel to make it generate new keys. If you are making use of certificates signed by a certificate authority, you will need to submit a new CSR to them for re-signing.
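
To confirm that the restart really produced fresh keys, the check below (an added example, not part of the original page or of Citadel) lists any file in the two key directories named above that predates the upgrade, and flags a directory that is still empty. It assumes you created a marker file with touch immediately after the upgrade finished; the marker path and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: verify that Citadel's SSL/TLS keys were regenerated after
# the patched OpenSSL packages were installed.
# Assumption: MARKER is a file whose mtime records when the upgrade finished,
# e.g. created with `touch /root/openssl-patched` (hypothetical path).

# Key directories named on this page: Debian package, then Easy Install.
CITADEL_KEY_DIRS="/etc/ssl/citadel /usr/local/citadel/keys"

# stale_keys MARKER DIR...
# Prints "STALE <file>" for every key file not newer than MARKER and
# "EMPTY <dir>" for a key directory that holds no files at all (Citadel has
# not generated new keys yet). Returns 0 if clean, 1 on findings, 2 on misuse.
stale_keys() {
    marker=$1
    [ -f "$marker" ] || { echo "marker file not found: $marker" >&2; return 2; }
    shift
    problems=0
    for dir in "$@"; do
        [ -d "$dir" ] || continue          # only one layout exists per host
        if [ -z "$(find "$dir" -type f -print)" ]; then
            echo "EMPTY $dir"
            problems=1
            continue
        fi
        # "! -newer" matches files whose mtime is not later than the marker,
        # i.e. keys that were created before the upgrade.
        stale=$(find "$dir" -type f ! -newer "$marker" -print | sed 's/^/STALE /')
        if [ -n "$stale" ]; then
            printf '%s\n' "$stale"
            problems=1
        fi
    done
    return "$problems"
}

# check_citadel_keys MARKER: run the check against both Citadel layouts.
check_citadel_keys() {
    # Word splitting of the directory list is intentional here.
    stale_keys "$1" $CITADEL_KEY_DIRS
}
```

A file reported as STALE was created before the upgrade and should be deleted and regenerated as described above.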

Naturally, if you are also running OpenSSH on your server, you will need to regenerate keys for that as well.

Copyright © 1987-2014 Uncensored Communications Group. All rights reserved.