Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2024-28862

Published: 16 March 2024

The Ruby One Time Password library (ROTP) is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Users should patch to version 6.3.0. Users unable to patch may correct file permissions after installation.

Notes

AuthorNote
sbeattie
ubuntu and debian packaging install with the correct permissions

Priority

Medium

Status

Package Release Status
ruby-rotp
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(Upstream issue only)
focal Not vulnerable
(Upstream issue only)
jammy Not vulnerable
(Upstream issue only)
mantic Not vulnerable
(Upstream issue only)
upstream
Released (6.3.0)
xenial Not vulnerable
(Upstream issue only)