Critical Ubuntu and Debian Vulnerability
Tuesday, May 13, 2008 at 1:28PM
Ubuntu and Debian users take note. Today Ubuntu and Debian released patches to the OpenSSL package to fix a critical vulnerability in how the package generates encryption keys. Roughly two years ago the maintainers removed the call to the system's random number generator. This makes all keys generated on affected systems predictable. This vulnerability affects SSH keys, OpenVPN keys, DNSSEC keys, SSL/TLS session keys and key material in X.509 certificates.
All Ubuntu and Debian users should download and install the updated packages and regenerate any keys made in the past two years.
Here are links to the advisories:
http://www.debian.org/security/2008/dsa-1571
http://www.ubuntu.com/usn/usn-612-1
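To show why a generator cut off from system randomness forces key regeneration, here is an added example (not from the original post or from OpenSSL) that models a key generator and audits keys against the full set of outputs it can produce. It assumes a detail not stated in the post: on affected systems the process ID was the only input that still varied between runs. `toy_keygen`, `weak_key_set`, `audit`, the host names and the hash-based derivation are all hypothetical stand-ins.

```python
import hashlib
import os

# Assumption of this model: Linux default pid_max, so PIDs run 1..32767.
PID_MAX = 32768


def toy_keygen(pid: int, system_entropy: bytes = b"") -> str:
    """Toy stand-in for key generation (not OpenSSL's algorithm).

    It models only which inputs reach the PRNG seed. With system_entropy
    empty, the PID is the sole varying input, as on an affected system.
    """
    seed = pid.to_bytes(4, "big") + system_entropy
    return hashlib.sha256(b"toy-key:" + seed).hexdigest()


def weak_key_set() -> set:
    """Every key the toy generator can emit when only the PID varies."""
    return {toy_keygen(pid) for pid in range(1, PID_MAX)}


def audit(keys: dict, blacklist: set) -> list:
    """Return the names of keys found in the blacklist (must be regenerated)."""
    return sorted(name for name, key in keys.items() if key in blacklist)


def demo():
    blacklist = weak_key_set()
    # Constructed sample inventory: two keys made without system entropy,
    # one made with 32 bytes from the OS random source (patched behaviour).
    inventory = {
        "host-a": toy_keygen(4242),
        "host-b": toy_keygen(4242, os.urandom(32)),
        "host-c": toy_keygen(31999),
    }
    return len(blacklist), audit(inventory, blacklist)


if __name__ == "__main__":
    size, flagged = demo()
    print(f"distinct keys the unseeded generator can produce: {size}")
    print(f"keys to regenerate: {flagged}")
```

Installing the patch alone does not change a key that already falls in the weak set, which is why the advice above is to patch and then regenerate.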
Cheers,
Matt
P.S. Special thanks to Chris for bringing this to my attention.