The recent vulnerability in OpenSSL’s verification of DSA signatures is big news. Both OpenSSL’s advisory and the OS vendors’ notices I’ve seen say that this affects clients of particular servers:

Everyone using OpenSSL releases prior to 0.9.8j as an SSL/TLS client when connecting to a server whose certificate contains a DSA or ECDSA key.

Remember, the adversary controls the server. End-user browsers contain a few DSA certificate authorities. For the same reason that Verisign CA’s customers were vulnerable to the MD5 substitution vulnerability—even though only RapidSSL had the problem—this is really a man-in-the-middle attack on SSL and TLS generally.