Re: CVE Request: TOTP Replay Attack in Ruby library "devise-two-factor"

[Justin Bull <me () justinbull ca>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello,

After working with the vendor maintainers, a fix has been implemented and
released under version 2.0.0 of the software.

Upgrading notes can be found here:
https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md

- --
Best Regards,
Justin Bull
PGP Fingerprint: E09D 38DE 8FB7 5745 2044 A0F4 1A2B DEAA 68FD B34C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2

iQIcBAEBCgAGBQJV+WydAAoJEESFZfv8+htY/AIQAJHS2x/2n2/LYCTuuQ6oLTUL
y4mf6XTV3uSr1/oUNnWZPZ/a5c686GaU2x1yUSy0Sz58ayhpm9JcymA3KhNexOqG
uRb7RUGrLmeg7T//qoq4nf6+kfXQvEw1pSvV0C8mnthh2E3A3PhHA5L3XWT2cAnC
i3v6nLR53fXCepWOdzDtCRoxlvEEbM82q6RSC49pSqWiDyGzwjMV820EnUI4TqZw
cXGlaTUkBLUXTFG8fIFve9NruYiIVKAgaFrFIYhmhhAbVWc30zaMMFZdOvhGORIV
agjpscsPfwO/h+GPH7U1yD/nFAXln+vMukOcT/II+cXZoHMRmvtsgHbVoa3LHLKd
xH7xQv79u4V1sV+EFsi2KaqUq31inzWYOqi/QkDdbavNDtNl1ELVJjuv1PuhJTXz
pgLp54DUTlboqsKrsftYoKACsdbspuSzWDdttZfZrDxNNcgtJwpPBoMcZO1cDGUy
UQR0sGkfNmMtBxQBHvJKab7opoqfvZDmqlO9HjQxhm3sgHECQU9sFI+OPWx2fHkE
B8OIHkKZMUsfqUorJfacwSXZSt5jKxAIuNbJ5XW8DlK/gKCbRSl2YgdTzJ45txlh
r1tybDrlJRs9CGGJQ2PzFW/oPR7+KLKYHy1cEnleeORqaobsQVZPG8k7Fqt9eNOV
i6en/R8DgQTrohFjgWIn
=2Dd7
-----END PGP SIGNATURE-----