Ubuntu Security Notice USN-339-1 - Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS #1 version 1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key.
f353aeb0d2f6e5450daa438299f434f33461047f6023cd7eeb31a4405527fa8e