original text:
KIKUCHI Masashi discovered that carefully crafted handshakes can
force the use of weak keys, resulting in potential man-in-the-middle
attacks.
It’s important that you upgrade the libssl0.9.8 package and not
just the openssl package.
All applications linked to openssl need to be restarted. You can
use the tool checkrestart from the package debian-goodies to
detect affected programs or reboot your system.
For Debian 6 Squeeze, these issues have been fixed in openssl version 0.9.8o-4squeeze16