[DRE-maint] Bug#798466: ruby-devise-two-factor: TOTP Replay Attack (no CVE yet)
Salvatore Bonaccorso
carnil at debian.org
Thu Sep 17 17:51:29 UTC 2015
Control: retitle ruby-devise-two-factor: CVE-2015-7225: TOTP Replay Attack
Hi,
On Wed, Sep 09, 2015 at 07:10:29PM +0200, Moritz Muehlenhoff wrote:
> Package: ruby-devise-two-factor
> Severity: grave
> Tags: security
> Justification: user security hole
>
> Hi,
> please see http://www.openwall.com/lists/oss-security/2015/09/06/2
> for details.
CVE-2015-7225 has now been assigned for this issue.
Regards,
Salvatore
More information about the Pkg-ruby-extras-maintainers
mailing list