Debian Security Advisory 1410-1 – Several vulnerabilities have been discovered in Ruby, an object-oriented scripting language. It was discovered that the Ruby HTTP(S) module performs insufficient validation of SSL certificates, which may lead to man-in-the-middle attacks. It was discovered that the Ruby modules for FTP, Telnet, IMAP, POP and SMTP perform insufficient validation of SSL certificates, which may lead to man-in-the-middle attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/61230/dsa-1410-1.txt
Source: https://packetstormsecurity.com/files/61230/Debian-Linux-Security-Advisory-1410-1.html