Ruby is an extensible, interpreted, object-oriented, scripting language.
It has features to process text files and to perform system management
tasks.
A flaw was found in a way rubygems verified the API endpoint hostname
retrieved through a DNS SRV record. A man-in-the-middle attacker could use
this flaw to force a client to download content from an untrusted domain.
(CVE-2015-3900)
All rh-ruby22-ruby users are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. All running
instances of Ruby need to be restarted for this update to take effect.