Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
A flaw was found in a way rubygems verified the API endpoint hostname retrieved through a DNS SRV record. A man-in-the-middle attacker could use this flaw to force a client to download content from an untrusted domain. (CVE-2015-3900)
All rh-ruby22-ruby users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running instances of Ruby need to be restarted for this update to take effect.