The IO::Socket::SSL module for Perl is prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to bypass certain security restrictions, which may aid in spoofing attacks. Versions prior to IO::Socket::SSL 1.35 are vulnerable.

Updates are available. Please see the references for more information.

• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058
• http://search.cpan.org/dist/IO-Socket-SSL/
• https://www.securityfocus.com/bid/45189

---

Updated on 2017-03-28