Ruby Net::HTTP SSL Insecure Certificate Validation Weakness

Ruby Net::HTTP SSL Insecure Certificate Validation Weakness

References:

Revision 13499 (Ruby)
Revision 13500 (Ruby)
Revision 13502 (Ruby)
Revision 13504 (Ruby)
Ruby Homepage (Yukihiro Matsumoto)
Ruby Net::HTTPS library does not validate server certificate CN (Chris Clark )
RHSA-2007:0961-4 Moderate: ruby security update (Red Hat)
RHSA-2007:0965-3 Moderate: ruby security update (Red Hat)

Privacy Statement
Copyright 2010, SecurityFocus