A vulnerability has been found and corrected in perl-IO-Socket-SSL:

IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE,
fails open to VERIFY_NONE instead of throwing an error when a
ca_file/ca_path cannot be verified, which allows remote attackers to
bypass intended certificate restrictions (CVE-2010-4334).

The updated packages have been patched to correct this issue.