Mandriva Linux Security Advisory : ruby (MDVSA-2008:029)
Medium Nessus Plugin ID 38115
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionRuby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet, Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a possible man-in-the-middle attack, when using SSL, due to a missing check of the CN (common name) attribute in SSL certificates against the server's hostname.
The updated packages have been patched to prevent the issue.
SolutionUpdate the affected packages.