Summary: | <net-misc/rclone-1.53.3: Insecure passwords generated by rclone config (CVE-2020-28924) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | filip ambroz <filip.ambroz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | perfinion |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/rclone/rclone/issues/4783 | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
filip ambroz
2020-11-19 21:48:21 UTC
(We don't put versioned atoms in summary unless it's representing fixed versions in tree). Please bump, maintainer. ping perfinion I've put up a version bump ebuild at https://bugs.gentoo.org/show_bug.cgi?id=759451 which should address this. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0096c84f139b209ea27c3832e20724fff35b3bd9 commit 0096c84f139b209ea27c3832e20724fff35b3bd9 Author: Jason Zaman <perfinion@gentoo.org> AuthorDate: 2021-01-02 07:11:28 +0000 Commit: Jason Zaman <perfinion@gentoo.org> CommitDate: 2021-01-02 07:19:34 +0000 net-misc/rclone: drop old Bug: https://bugs.gentoo.org/755638 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Jason Zaman <perfinion@gentoo.org> net-misc/rclone/Manifest | 2 - net-misc/rclone/rclone-1.52.2.ebuild | 36 -- net-misc/rclone/rclone-1.53.0.ebuild | 835 ----------------------------------- 3 files changed, 873 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8958293c56dd55924d79042def525a597153fcd6 commit 8958293c56dd55924d79042def525a597153fcd6 Author: Jason Zaman <perfinion@gentoo.org> AuthorDate: 2021-01-02 07:09:09 +0000 Commit: Jason Zaman <perfinion@gentoo.org> CommitDate: 2021-01-02 07:19:33 +0000 net-misc/rclone: Stable 1.53.3 for security fix Bug: https://bugs.gentoo.org/755638 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Jason Zaman <perfinion@gentoo.org> net-misc/rclone/rclone-1.53.3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13c182a7472d3b271f61411f2c4cc2947a0721ee commit 13c182a7472d3b271f61411f2c4cc2947a0721ee Author: Jason Zaman <perfinion@gentoo.org> AuthorDate: 2021-01-02 07:06:21 +0000 Commit: Jason Zaman <perfinion@gentoo.org> CommitDate: 2021-01-02 07:19:32 +0000 net-misc/rclone: bump 1.53.3 Closes: https://bugs.gentoo.org/759451 Bug: https://bugs.gentoo.org/755638 Package-Manager: Portage-3.0.12, Repoman-3.0.2 Signed-off-by: Jason Zaman <perfinion@gentoo.org> net-misc/rclone/Manifest | 1 + net-misc/rclone/rclone-1.53.3.ebuild | 835 +++++++++++++++++++++++++++++++++++ 2 files changed, 836 insertions(+) Thank you! New GLSA request filed. This issue was resolved and addressed in GLSA 202107-14 at https://security.gentoo.org/glsa/202107-14 by GLSA coordinator John Helmert III (ajak). |