Mandriva Linux Security Advisory 2011-092 - IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions. The updated packages have been patched to correct this issue.
099d0c6959ef7944a519048bbea3e12f3f6ec995cb7b6c0e3e1fa0cb57e22e72