Ubuntu Security Notice USN-179-1 - The current default algorithm for creating message digests (electronic signatures) for certificates created by openssl is MD5. However, this algorithm is not deemed secure any more, and some practical attacks have been demonstrated which could allow an attacker to forge certificates with a valid certification authority signature even if he does not know the secret CA signing key. Therefore all Ubuntu versions of openssl have now been changed to use SHA-1 by default.
edbc843d8f4af43ca289e0bf680fcdd3e70200689c88d4a50069328b0e77b252