Detections
Analytics
openSUSE Security Update : rclone (openSUSE-2020-2035)
high Nessus Plugin ID 143316
Language:
Synopsis
The remote openSUSE host is missing a security update.Description
This update for rclone fixes the following issues :rclone was updated to version 1.53.3 :
- Bug Fixes
- Fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924 boo#1179005 (Nick Craig-Wood)
- Check https://github.com/rclone/passwordcheck for a tool check for weak passwords generated by rclone
- VFS
- Fix vfs/refresh calls with fs= parameter (Nick Craig-Wood)
- Sharefile
- Fix backend due to API swapping integers for strings (Nick Craig-Wood)
Update to 1.53.2 :
- Bug Fixes
- accounting
+ Fix incorrect speed and transferTime in core/stats (Nick Craig-Wood)
+ Stabilize display order of transfers on Windows (Nick Craig-Wood)
- operations
+ Fix use of --suffix without --backup-dir (Nick Craig-Wood)
+ Fix spurious '--checksum is in use but the source and destination have no hashes in common' (Nick Craig-Wood)
- build
+ Work around GitHub actions brew problem (Nick Craig-Wood)
+ Stop using set-env and set-path in the GitHub actions (Nick Craig-Wood)
- Mount
- mount2: Fix the swapped UID / GID values (Russell Cattelan)
- VFS
- Detect and recover from a file being removed externally from the cache (Nick Craig-Wood)
- Fix a deadlock vulnerability in downloaders.Close (Leo Luan)
- Fix a race condition in retryFailedResets (Leo Luan)
- Fix missed concurrency control between some item operations and reset (Leo Luan)
- Add exponential backoff during ENOSPC retries (Leo Luan)
- Add a missed update of used cache space (Leo Luan)
- Fix --no-modtime to not attempt to set modtimes (as documented) (Nick Craig-Wood)
- Local
- Fix sizes and syncing with --links option on Windows (Nick Craig-Wood)
- Chunker
- Disable ListR to fix missing files on GDrive (workaround) (Ivan Andreev)
- Fix upload over crypt (Ivan Andreev)
- Fichier
- Increase maximum file size from 100GB to 300GB (gyutw)
- Jottacloud
- Remove clientSecret from config when upgrading to token based authentication (buengese)
- Avoid double url escaping of device/mountpoint (albertony)
- Remove DirMove workaround as it's not required anymore - also (buengese)
- Mailru
- Fix uploads after recent changes on server (Ivan Andreev)
- Fix range requests after june changes on server (Ivan Andreev)
- Fix invalid timestamp on corrupted files (fixes) (Ivan Andreev)
- Onedrive
- Fix disk usage for sharepoint (Nick Craig-Wood)
- S3
- Add missing regions for AWS (Anagh Kumar Baranwal)
- Seafile
- Fix accessing libraries > 2GB on 32 bit systems (Muffin King)
- SFTP
- Always convert the checksum to lower case (buengese)
- Union
- Create root directories if none exist (Nick Craig-Wood)
Update to version 1.53.1 :
- Bug Fixes
- accounting: Remove new line from end of --stats-one-line display
- VFS
- Fix spurious error 'vfs cache: failed to _ensure cache EOF'
- Log an ERROR if we fail to set the file to be sparse
- Local
- Log an ERROR if we fail to set the file to be sparse
- Drive
- Re-adds special oauth help text
- Opendrive
- Do not retry 400 errors
Update to version 1.53.0
- New Features
- The VFS layer was heavily reworked for this release - see below for more details
- Interactive mode -i/--interactive for destructive operations (fishbullet)
- Add --bwlimit-file flag to limit speeds of individual file transfers (Nick Craig-Wood)
- Transfers are sorted by start time in the stats and progress output (Max Sum)
- Make sure backends expand ~ and environment vars in file names they use (Nick Craig-Wood)
- Add --refresh-times flag to set modtimes on hashless backends (Nick Craig-Wood)
- rclone check
+ Add reporting of filenames for same/missing/changed (Nick Craig-Wood)
+ Make check command obey --dry-run/-i/--interactive (Nick Craig-Wood)
+ Make check do --checkers files concurrently (Nick Craig-Wood)
+ Retry downloads if they fail when using the --download flag (Nick Craig-Wood)
+ Make it show stats by default (Nick Craig-Wood)
- rclone config
+ Set RCLONE_CONFIG_DIR for use in config files and subprocesses (Nick Craig-Wood)
+ Reject remote names starting with a dash. (jtagcat)
- rclone cryptcheck: Add reporting of filenames for same/missing/changed (Nick Craig-Wood)
- rclone dedupe: Make it obey the --size-only flag for duplicate detection (Nick Craig-Wood)
- rclone link: Add --expire and --unlink flags (Roman Kredentser)
- rclone mkdir: Warn when using mkdir on remotes which can't have empty directories (Nick Craig-Wood)
- rclone rc: Allow JSON parameters to simplify command line usage (Nick Craig-Wood)
- rclone serve ftp
+ Don't compile on < go1.13 after dependency update (Nick Craig-Wood)
+ Add error message if auth proxy fails (Nick Craig-Wood)
+ Use refactored goftp.io/server library for binary shrink (Nick Craig-Wood)
- rclone serve restic: Expose interfaces so that rclone can be used as a library from within restic (Jack)
- rclone sync: Add --track-renames-strategy leaf (Nick Craig-Wood)
- rclone touch: Add ability to set nanosecond resolution times (Nick Craig-Wood)
- rclone tree: Remove -i shorthand for --noindent as it conflicts with -i/--interactive (Nick Craig-Wood)
- Bug Fixes
- Mount
- rc interface
+ Add call for unmount all (Chaitanya Bankanhal)
+ Make mount/mount remote control take vfsOpt option (Nick Craig-Wood)
+ Add mountOpt to mount/mount (Nick Craig-Wood)
+ Add VFS and Mount options to mount/listmounts (Nick Craig-Wood)
- Catch panics in cgofuse initialization and turn into error messages (Nick Craig-Wood)
- Always supply stat information in Readdir (Nick Craig-Wood)
- Add support for reading unknown length files using direct IO (Windows) (Nick Craig-Wood)
- Fix On Windows don't add -o uid/gid=-1 if user supplies
-o uid/gid. (Nick Craig-Wood)
- Fix volume name broken in recent refactor (Nick Craig-Wood)
- VFS
- Implement partial reads for --vfs-cache-mode full (Nick Craig-Wood)
- Add --vfs-writeback option to delay writes back to cloud storage (Nick Craig-Wood)
- Add --vfs-read-ahead parameter for use with
--vfs-cache-mode full (Nick Craig-Wood)
- Restart pending uploads on restart of the cache (Nick Craig-Wood)
- Support synchronous cache space recovery upon ENOSPC (Leo Luan)
- Allow ReadAt and WriteAt to run concurrently with themselves (Nick Craig-Wood)
- Change modtime of file before upload to current (Rob Calistri)
- Recommend --vfs-cache-modes writes on backends which can't stream (Nick Craig-Wood)
- Add an optional fs parameter to vfs rc methods (Nick Craig-Wood)
- Fix errors when using > 260 char files in the cache in Windows (Nick Craig-Wood)
- Fix renaming of items while they are being uploaded (Nick Craig-Wood)
- Fix very high load caused by slow directory listings (Nick Craig-Wood)
- Fix renamed files not being uploaded with
--vfs-cache-mode minimal (Nick Craig-Wood)
- Fix directory locking caused by slow directory listings (Nick Craig-Wood)
- Fix saving from chrome without --vfs-cache-mode writes (Nick Craig-Wood)
- Crypt Add --crypt-server-side-across-configs flag (Nick Craig-Wood) Make any created backends be cached to fix rc problems (Nick Craig-Wood)
- Azure Blob Don't compile on < go1.13 after dependency update (Nick Craig-Wood)
- B2 Implement server side copy for files > 5GB (Nick Craig-Wood) Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood) Note that b2's encoding now allows \ but rclone's hasn't changed (Nick Craig-Wood) Fix transfers when using download_url (Nick Craig-Wood)
- Box
- Implement rclone cleanup (buengese)
- Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood)
- Allow authentication with access token (David)
- Chunker
- Make any created backends be cached to fix rc problems (Nick Craig-Wood)
- Drive
- Add rclone backend drives to list shared drives (teamdrives) (Nick Craig-Wood)
- Implement rclone backend untrash (Nick Craig-Wood)
- Work around drive bug which didn't set modtime of copied docs (Nick Craig-Wood)
- Added --drive-starred-only to only show starred files (Jay McEntire)
- Deprecate --drive-alternate-export as it is no longer needed (themylogin)
- Fix duplication of Google docs on server side copy (Nick Craig-Wood)
- Fix 'panic: send on closed channel' when recycling dir entries (Nick Craig-Wood)
- Dropbox
- Add copyright detector info in limitations section in the docs (Alex Guerrero)
- Fix rclone link by removing expires parameter (Nick Craig-Wood)
- Fichier
- Detect Flood detected: IP Locked error and sleep for 30s (Nick Craig-Wood)
- FTP
- Add explicit TLS support (Heiko Bornholdt)
- Add support for --dump bodies and --dump auth for debugging (Nick Craig-Wood)
- Fix interoperation with pure-ftpd (Nick Craig-Wood)
- Google Cloud Storage
- Add support for anonymous access (Kai Lüke)
- Jottacloud
- Bring back legacy authentification for use with whitelabel versions (buengese)
- Switch to new api root - also implement a very ugly workaround for the DirMove failures (buengese)
- Onedrive
- Rework cancel of multipart uploads on rclone exit (Nick Craig-Wood)
- Implement rclone cleanup (Nick Craig-Wood)
- Add --onedrive-no-versions flag to remove old versions (Nick Craig-Wood)
- Pcloud
- Implement rclone link for public link creation (buengese)
- Qingstor
- Cancel in progress multipart uploads on rclone exit (Nick Craig-Wood)
- S3
- Preserve metadata when doing multipart copy (Nick Craig-Wood)
- Cancel in progress multipart uploads and copies on rclone exit (Nick Craig-Wood)
- Add rclone link for public link sharing (Roman Kredentser)
- Add rclone backend restore command to restore objects from GLACIER (Nick Craig-Wood)
- Add rclone cleanup and rclone backend cleanup to clean unfinished multipart uploads (Nick Craig-Wood)
- Add rclone backend list-multipart-uploads to list unfinished multipart uploads (Nick Craig-Wood)
- Add --s3-max-upload-parts support (Kamil Trzciński)
- Add --s3-no-check-bucket for minimising rclone transactions and perms (Nick Craig-Wood)
- Add --s3-profile and --s3-shared-credentials-file options (Nick Craig-Wood)
- Use regional s3 us-east-1 endpoint (David)
- Add Scaleway provider (Vincent Feltz)
- Update IBM COS endpoints (Egor Margineanu)
- Reduce the default --s3-copy-cutoff to < 5GB for Backblaze S3 compatibility (Nick Craig-Wood)
- Fix detection of bucket existing (Nick Craig-Wood)
- SFTP
- Use the absolute path instead of the relative path for listing for improved compatibility (Nick Craig-Wood)
- Add --sftp-subsystem and --sftp-server-command options (aus)
- Swift
- Fix dangling large objects breaking the listing (Nick Craig-Wood)
- Fix purge not deleting directory markers (Nick Craig-Wood)
- Fix update multipart object removing all of its own parts (Nick Craig-Wood)
- Fix missing hash from object returned from upload (Nick Craig-Wood)
- Tardigrade
- Upgrade to uplink v1.2.0 (Kaloyan Raev)
- Union
- Fix writing with the all policy (Nick Craig-Wood)
- WebDAV
- Fix directory creation with 4shared (Nick Craig-Wood)
- Update to version 1.52.3
- Bug Fixes
- docs
+ Disable smart typography (eg en-dash) in MANUAL.* and man page (Nick Craig-Wood)
+ Update install.md to reflect minimum Go version (Evan Harris)
+ Update install from source instructions (Nick Craig-Wood)
+ make_manual: Support SOURCE_DATE_EPOCH (Morten Linderud)
- log: Fix --use-json-log going to stderr not --log-file on Windows (Nick Craig-Wood)
- serve dlna: Fix file list on Samsung Series 6+ TVs (Matteo Pietro Dazzi)
- sync: Fix deadlock with --track-renames-strategy modtime (Nick Craig-Wood)
- Cache
- Fix moveto/copyto remote:file remote:file2 (Nick Craig-Wood)
- Drive
- Stop using root_folder_id as a cache (Nick Craig-Wood)
- Make dangling shortcuts appear in listings (Nick Craig-Wood)
- Drop 'Disabling ListR' messages down to debug (Nick Craig-Wood)
- Workaround and policy for Google Drive API (Dmitry Ustalov)
- FTP
- Add note to docs about home vs root directory selection (Nick Craig-Wood)
- Onedrive
- Fix reverting to Copy when Move would have worked (Nick Craig-Wood)
- Avoid comma rendered in URL in onedrive.md (Kevin)
- Pcloud
- Fix oauth on European region 'eapi.pcloud.com' (Nick Craig-Wood)
- S3
- Fix bucket Region auto detection when Region unset in config (Nick Craig-Wood)
- Update to version 1.52.2
- Bug Fixes
- build
+ Fix docker release build action (Nick Craig-Wood)
+ Fix custom timezone in Docker image (NoLooseEnds)
- check: Fix misleading message which printed errors instead of differences (Nick Craig-Wood)
- errors: Add WSAECONNREFUSED and more to the list of retriable Windows errors (Nick Craig-Wood)
- rcd: Fix incorrect prometheus metrics (Gary Kim)
- serve restic: Fix flags so they use environment variables (Nick Craig-Wood)
- serve webdav: Fix flags so they use environment variables (Nick Craig-Wood)
- sync: Fix --track-renames-strategy modtime (Nick Craig-Wood)
- Drive
- Fix not being able to delete a directory with a trashed shortcut (Nick Craig-Wood)
- Fix creating a directory inside a shortcut (Nick Craig-Wood)
- Fix --drive-impersonate with cached root_folder_id (Nick Craig-Wood)
- SFTP
- Fix SSH key PEM loading (Zac Rubin)
- Swift
- Speed up deletes by not retrying segment container deletes (Nick Craig-Wood)
- Tardigrade
- Upgrade to uplink v1.1.1 (Caleb Case)
- WebDAV
- Fix free/used display for rclone about/df for certain backends (Nick Craig-Wood)
- Update to version 1.52.1
- VFS
- Fix OS vs Unix path confusion - fixes ChangeNotify on Windows (Nick Craig-Wood)
- Drive
- Fix missing items when listing using --fast-list / ListR (Nick Craig-Wood)
- Putio
- Fix panic on Object.Open (Cenk Alti)
- S3
- Fix upload of single files into buckets without create permission (Nick Craig-Wood)
- Fix --header-upload (Nick Craig-Wood)
- Tardigrade
- Fix listing bug by upgrading to v1.0.7
- Set UserAgent to rclone (Caleb Case)
- Update to version 1.52.0
- New backends
- Tardigrade backend for use with storj.io (Caleb Case)
- Union re-write to have multiple writable remotes (Max Sum)
- Seafile for Seafile server (Fred @creativeprojects)
- New commands
- backend: command for backend specific commands (see backends) (Nick Craig-Wood)
- cachestats: Deprecate in favour of rclone backend stats cache: (Nick Craig-Wood)
- dbhashsum: Deprecate in favour of rclone hashsum DropboxHash (Nick Craig-Wood)
- New Features
- Add --header-download and --header-upload flags for setting HTTP headers when uploading/downloading (Tim Gallant)
- Add --header flag to add HTTP headers to every HTTP transaction (Nick Craig-Wood)
- Add --check-first to do all checking before starting transfers (Nick Craig-Wood)
- Add --track-renames-strategy for configurable matching criteria for --track-renames (Bernd Schoolmann)
- Add --cutoff-mode hard,soft,catious (Shing Kit Chan & Franklyn Tackitt)
- Filter flags (eg --files-from -) can read from stdin (fishbullet)
- Add --error-on-no-transfer option (Jon Fautley)
- Implement --order-by xxx,mixed for copying some small and some big files (Nick Craig-Wood)
- Allow --max-backlog to be negative meaning as large as possible (Nick Craig-Wood)
- Added --no-unicode-normalization flag to allow Unicode filenames to remain unique (Ben Zenker)
- Allow --min-age/--max-age to take a date as well as a duration (Nick Craig-Wood)
- Add rename statistics for file and directory renames (Nick Craig-Wood)
- Add statistics output to JSON log (reddi)
- Make stats be printed on non-zero exit code (Nick Craig-Wood)
- When running --password-command allow use of stdin (Sébastien Gross)
- Stop empty strings being a valid remote path (Nick Craig-Wood)
- accounting: support WriterTo for less memory copying (Nick Craig-Wood)
- build
+ Update to use go1.14 for the build (Nick Craig-Wood)
+ Add -trimpath to release build for reproduceable builds (Nick Craig-Wood)
+ Remove GOOS and GOARCH from Dockerfile (Brandon Philips)
- config
+ Fsync the config file after writing to save more reliably (Nick Craig-Wood)
+ Add --obscure and --no-obscure flags to config create/update (Nick Craig-Wood)
+ Make config show take remote: as well as remote (Nick Craig-Wood)
- copyurl: Add --no-clobber flag (Denis)
- delete: Added --rmdirs flag to delete directories as well (Kush)
- filter: Added --files-from-raw flag (Ankur Gupta)
- genautocomplete: Add support for fish shell (Matan Rosenberg)
- log: Add support for syslog LOCAL facilities (Patryk Jakuszew)
- lsjson: Add --hash-type parameter and use it in lsf to speed up hashing (Nick Craig-Wood)
- rc
+ Add -o/--opt and -a/--arg for more structured input (Nick Craig-Wood)
+ Implement backend/command for running backend specific commands remotely (Nick Craig-Wood)
+ Add mount/mount command for starting rclone mount via the API (Chaitanya)
- rcd: Add Prometheus metrics support (Gary Kim)
- serve http
+ Added a --template flag for user defined markup (calistri)
+ Add Last-Modified headers to files and directories (Nick Craig-Wood)
- serve sftp: Add support for multiple host keys by repeating --key flag (Maxime Suret)
- touch: Add --localtime flag to make --timestamp localtime not UTC (Nick Craig-Wood)
- Bug Fixes
- accounting
+ Restore 'Max number of stats groups reached' log line (Michał Matczuk)
+ Correct exitcode on Transfer Limit Exceeded flag. (Anuar Serdaliyev)
+ Reset bytes read during copy retry (Ankur Gupta)
+ Fix race clearing stats (Nick Craig-Wood)
- copy: Only create empty directories when they don't exist on the remote (Ishuah Kariuki)
- dedupe: Stop dedupe deleting files with identical IDs (Nick Craig-Wood)
- oauth
+ Use custom http client so that --no-check-certificate is honored by oauth token fetch (Mark Spieth)
+ Replace deprecated oauth2.NoContext (Lars Lehtonen)
- operations
+ Fix setting the timestamp on Windows for multithread copy (Nick Craig-Wood)
+ Make rcat obey --ignore-checksum (Nick Craig-Wood)
+ Make --max-transfer more accurate (Nick Craig-Wood)
- rc
+ Fix dropped error (Lars Lehtonen)
+ Fix misplaced http server config (Xiaoxing Ye)
+ Disable duplicate log (ElonH)
- serve dlna
+ Cds: don't specify childCount at all when unknown (Dan Walters)
+ Cds: use modification time as date in dlna metadata (Dan Walters)
- serve restic: Fix tests after restic project removed vendoring (Nick Craig-Wood)
- sync
+ Fix incorrect 'nothing to transfer' message using
--delete-before (Nick Craig-Wood)
+ Only create empty directories when they don't exist on the remote (Ishuah Kariuki)
- Mount
- Add --async-read flag to disable asynchronous reads (Nick Craig-Wood)
- Ignore --allow-root flag with a warning as it has been removed upstream (Nick Craig-Wood)
- Warn if --allow-non-empty used on Windows and clarify docs (Nick Craig-Wood)
- Constrain to go1.13 or above otherwise bazil.org/fuse fails to compile (Nick Craig-Wood)
- Fix fail because of too long volume name (evileye)
- Report 1PB free for unknown disk sizes (Nick Craig-Wood)
- Map more rclone errors into file systems errors (Nick Craig-Wood)
- Fix disappearing cwd problem (Nick Craig-Wood)
- Use ReaddirPlus on Windows to improve directory listing performance (Nick Craig-Wood)
- Send a hint as to whether the filesystem is case insensitive or not (Nick Craig-Wood)
- Add rc command mount/types (Nick Craig-Wood)
- Change maximum leaf name length to 1024 bytes (Nick Craig-Wood)
- VFS
- Add --vfs-read-wait and --vfs-write-wait flags to control time waiting for a sequential read/write (Nick Craig-Wood)
- Change default --vfs-read-wait to 20ms (it was 5ms and not configurable) (Nick Craig-Wood)
- Make df output more consistent on a rclone mount. (Yves G)
- Report 1PB free for unknown disk sizes (Nick Craig-Wood)
- Fix race condition caused by unlocked reading of Dir.path (Nick Craig-Wood)
- Make File lock and Dir lock not overlap to avoid deadlock (Nick Craig-Wood)
- Implement lock ordering between File and Dir to eliminate deadlocks (Nick Craig-Wood)
- Factor the vfs cache into its own package (Nick Craig-Wood)
- Pin the Fs in use in the Fs cache (Nick Craig-Wood)
- Add SetSys() methods to Node to allow caching stuff on a node (Nick Craig-Wood)
- Ignore file not found errors from Hash in Read.Release (Nick Craig-Wood)
- Fix hang in read wait code (Nick Craig-Wood)
- Local
- Speed up multi thread downloads by using sparse files on Windows (Nick Craig-Wood)
- Implement --local-no-sparse flag for disabling sparse files (Nick Craig-Wood)
- Implement rclone backend noop for testing purposes (Nick Craig-Wood)
- Fix 'file not found' errors on post transfer Hash calculation (Nick Craig-Wood)
- Cache
- Implement rclone backend stats command (Nick Craig-Wood)
- Fix Server Side Copy with Temp Upload (Brandon McNama)
- Remove Unused Functions (Lars Lehtonen)
- Disable race tests until bbolt is fixed (Nick Craig-Wood)
- Move methods used for testing into test file (greatroar)
- Add Pin and Unpin and canonicalised lookup (Nick Craig-Wood)
- Use proper import path go.etcd.io/bbolt (Robert-André Mauchin)
- Crypt
- Calculate hashes for uploads from local disk (Nick Craig-Wood)
+ This allows crypted Jottacloud uploads without using local disk
+ This means crypted s3/b2 uploads will now have hashes
- Added rclone backend decode/encode commands to replicate functionality of cryptdecode (Anagh Kumar Baranwal)
- Get rid of the unused Cipher interface as it obfuscated the code (Nick Craig-Wood)
- Azure Blob
- Implement streaming of unknown sized files so rcat is now supported (Nick Craig-Wood)
- Implement memory pooling to control memory use (Nick Craig-Wood)
- Add --azureblob-disable-checksum flag (Nick Craig-Wood)
- Retry InvalidBlobOrBlock error as it may indicate block concurrency problems (Nick Craig-Wood)
- Remove unused Object.parseTimeString() (Lars Lehtonen)
- Fix permission error on SAS URL limited to container (Nick Craig-Wood)
- B2
- Add support for --header-upload and --header-download (Tim Gallant)
- Ignore directory markers at the root also (Nick Craig-Wood)
- Force the case of the SHA1 to lowercase (Nick Craig-Wood)
- Remove unused largeUpload.clearUploadURL() (Lars Lehtonen)
- Box
- Add support for --header-upload and --header-download (Tim Gallant)
- Implement About to read size used (Nick Craig-Wood)
- Add token renew function for jwt auth (David Bramwell)
- Added support for interchangeable root folder for Box backend (Sunil Patra)
- Remove unnecessary iat from jws claims (David)
- Drive
- Follow shortcuts by default, skip with
--drive-skip-shortcuts (Nick Craig-Wood)
- Implement rclone backend shortcut command for creating shortcuts (Nick Craig-Wood)
- Added rclone backend command to change service_account_file and chunk_size (Anagh Kumar Baranwal)
- Fix missing files when using --fast-list and
--drive-shared-with-me (Nick Craig-Wood)
- Fix duplicate items when using --drive-shared-with-me (Nick Craig-Wood)
- Extend --drive-stop-on-upload-limit to respond to teamDriveFileLimitExceeded. (harry)
- Don't delete files with multiple parents to avoid data loss (Nick Craig-Wood)
- Server side copy docs use default description if empty (Nick Craig-Wood)
- Dropbox
- Make error insufficient space to be fatal (harry)
- Add info about required redirect url (Elan Ruusamäe)
- Fichier
- Add support for --header-upload and --header-download (Tim Gallant)
- Implement custom pacer to deal with the new rate limiting (buengese)
- FTP
- Fix lockup when using concurrency limit on failed connections (Nick Craig-Wood)
- Fix lockup on failed upload when using concurrency limit (Nick Craig-Wood)
- Fix lockup on Close failures when using concurrency limit (Nick Craig-Wood)
- Work around pureftp sending spurious 150 messages (Nick Craig-Wood)
- Google Cloud Storage
- Add support for --header-upload and --header-download (Nick Craig-Wood)
- Add ARCHIVE storage class to help (Adam Stroud)
- Ignore directory markers at the root (Nick Craig-Wood)
- Googlephotos
- Make the start year configurable (Daven)
- Add support for --header-upload and --header-download (Tim Gallant)
- Create feature/favorites directory (Brandon Philips)
- Fix 'concurrent map write' error (Nick Craig-Wood)
- Don't put an image in error message (Nick Craig-Wood)
- HTTP
- Improved directory listing with new template from Caddy project (calisro)
- Jottacloud
- Implement --jottacloud-trashed-only (buengese)
- Add support for --header-upload and --header-download (Tim Gallant)
- Use RawURLEncoding when decoding base64 encoded login token (buengese)
- Implement cleanup (buengese)
- Update docs regarding cleanup, removed remains from old auth, and added warning about special mountpoints.
(albertony)
- Mailru
- Describe 2FA requirements (valery1707)
- Onedrive
- Implement --onedrive-server-side-across-configs (Nick Craig-Wood)
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix occasional 416 errors on multipart uploads (Nick Craig-Wood)
- Added maximum chunk size limit warning in the docs (Harry)
- Fix missing drive on config (Nick Craig-Wood)
- Make error quotaLimitReached to be fatal (harry)
- Opendrive
- Add support for --header-upload and --header-download (Tim Gallant)
- Pcloud
- Added support for interchangeable root folder for pCloud backend (Sunil Patra)
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix initial config 'Auth state doesn't match' message (Nick Craig-Wood)
- Premiumizeme
- Add support for --header-upload and --header-download (Tim Gallant)
- Prune unused functions (Lars Lehtonen)
- Putio
- Add support for --header-upload and --header-download (Nick Craig-Wood)
- Make downloading files use the rclone http Client (Nick Craig-Wood)
- Fix parsing of remotes with leading and trailing / (Nick Craig-Wood)
- Qingstor
- Make rclone cleanup remove pending multipart uploads older than 24h (Nick Craig-Wood)
- Try harder to cancel failed multipart uploads (Nick Craig-Wood)
- Prune multiUploader.list() (Lars Lehtonen)
- Lint fix (Lars Lehtonen)
- S3
- Add support for --header-upload and --header-download (Tim Gallant)
- Use memory pool for buffer allocations (Maciej Zimnoch)
- Add SSE-C support for AWS, Ceph, and MinIO (Jack Anderson)
- Fail fast multipart upload (Michał Matczuk)
- Report errors on bucket creation (mkdir) correctly (Nick Craig-Wood)
- Specify that Minio supports URL encoding in listings (Nick Craig-Wood)
- Added 500 as retryErrorCode (Michał Matczuk)
- Use --low-level-retries as the number of SDK retries (Aleksandar Janković)
- Fix multipart abort context (Aleksandar Jankovic)
- Replace deprecated session.New() with session.NewSession() (Lars Lehtonen)
- Use the provided size parameter when allocating a new memory pool (Joachim Brandon LeBlanc)
- Use rclone's low level retries instead of AWS SDK to fix listing retries (Nick Craig-Wood)
- Ignore directory markers at the root also (Nick Craig-Wood)
- Use single memory pool (Michał Matczuk)
- Do not resize buf on put to memBuf (Michał
Matczuk)
- Improve docs for --s3-disable-checksum (Nick Craig-Wood)
- Don't leak memory or tokens in edge cases for multipart upload (Nick Craig-Wood)
- Seafile
- Implement 2FA (Fred)
- SFTP
- Added --sftp-pem-key to support inline key files (calisro)
- Fix post transfer copies failing with 0 size when using set_modtime=false (Nick Craig-Wood)
- Sharefile
- Add support for --header-upload and --header-download (Tim Gallant)
- Sugarsync
- Add support for --header-upload and --header-download (Tim Gallant)
- Swift
- Add support for --header-upload and --header-download (Nick Craig-Wood)
- Fix cosmetic issue in error message (Martin Michlmayr)
- Union
- Implement multiple writable remotes (Max Sum)
- Fix server-side copy (Max Sum)
- Implement ListR (Max Sum)
- Enable ListR when upstreams contain local (Max Sum)
- WebDAV
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix X-OC-Mtime header for Transip compatibility (Nick Craig-Wood)
- Report full and consistent usage with about (Yves G)
- Yandex
- Add support for --header-upload and --header-download (Tim Gallant)
- Update to version 1.51.0
- See https://rclone.org/changelog/#v1-51-0-2020-02-01 for the complete changelog.
- Update to version 1.50.2
- Bug Fixes
- accounting: Fix memory leak on retries operations (Nick Craig-Wood)
- Drive
- Fix listing of the root directory with drive.files scope (Nick Craig-Wood)
- Fix --drive-root-folder-id with team/shared drives (Nick Craig-Wood)
- Update to version 1.50.1
- Bug Fixes
- hash: Fix accidentally changed hash names for DropboxHash and CRC-32 (Nick Craig-Wood)
- fshttp: Fix error reporting on tpslimit token bucket errors (Nick Craig-Wood)
- fshttp: Don’t print token bucket errors on context cancelled (Nick Craig-Wood)
- Local
- Fix listings of . on Windows (Nick Craig-Wood)
- Onedrive
- Fix DirMove/Move after Onedrive change (Xiaoxing Ye)
- Update to version 1.50.0
	- New backends
	 - Citrix Sharefile (Nick Craig-Wood)
	 - Chunker - an overlay backend to split files into smaller parts (Ivan Andreev)
	 - Mail.ru Cloud (Ivan Andreev)
	- New Features
	 - encodings (Fabian Möller & Nick Craig-Wood)
		+ All backends now use file name encoding to ensure any file name can be written to any backend.
		+ See the restricted file name docs for more info and the local backend docs.
		+ Some file names may look different in rclone if you are using any control characters in names or unicode FULLWIDTH symbols.
	 - build
		+ Update to use go1.13 for the build (Nick Craig-Wood)
		+ Drop support for go1.9 (Nick Craig-Wood)
		+ Build rclone with GitHub actions (Nick Craig-Wood)
		+ Convert python scripts to python3 (Nick Craig-Wood)
		+ Swap Azure/go-ansiterm for mattn/go-colorable (Nick Craig-Wood)
		+ Dockerfile fixes (Matei David)
		+ Add plugin support for backends and commands (Richard Patel)
	 - config
		+ Use alternating Red/Green in config to make more obvious (Nick Craig-Wood)
	 - contrib
		+ Add sample DLNA server Docker Compose manifest.
(pataquets)
		+ Add sample WebDAV server Docker Compose manifest.
(pataquets)
	 - copyurl
		+ Add --auto-filename flag for using file name from URL in destination path (Denis)
	 - serve dlna :
		+ Many compatability improvements (Dan Walters)
		+ Support for external srt subtitles (Dan Walters)
	 - rc
		+ Added command core/quit (Saksham Khanna)
	- Bug Fixes
	 - sync
		+ Make --update/-u not transfer files that haven’t changed (Nick Craig-Wood)
		+ Free objects after they come out of the transfer pipe to save memory (Nick Craig-Wood)
		+ Fix --files-from without --no-traverse doing a recursive scan (Nick Craig-Wood)
	 - operations
		+ Fix accounting for server side copies (Nick Craig-Wood)
		+ Display ‘All duplicates removed’ only if dedupe successful (Sezal Agrawal)
		+ Display ‘Deleted X extra copies’ only if dedupe successful (Sezal Agrawal)
	 - accounting
		+ Only allow up to 100 completed transfers in the accounting list to save memory (Nick Craig-Wood)
		+ Cull the old time ranges when possible to save memory (Nick Craig-Wood)
		+ Fix panic due to server-side copy fallback (Ivan Andreev)
		+ Fix memory leak noticeable for transfers of large numbers of objects (Nick Craig-Wood)
		+ Fix total duration calculation (Nick Craig-Wood)
	 - cmd
		+ Fix environment variables not setting command line flags (Nick Craig-Wood)
		+ Make autocomplete compatible with bash’s posix mode for macOS (Danil Semelenov)
		+ Make --progress work in git bash on Windows (Nick Craig-Wood)
		+ Fix ‘compopt: command not found’ on autocomplete on macOS (Danil Semelenov)
	 - config
		+ Fix setting of non top level flags from environment variables (Nick Craig-Wood)
		+ Check config names more carefully and report errors (Nick Craig-Wood)
		+ Remove error: can’t use --size-only and
--ignore-size together. (Nick Craig-Wood)
		+ filter: Prevent mixing options when --files-from is in use (Michele Caci)
		+ serve sftp: Fix crash on unsupported operations (eg Readlink) (Nick Craig-Wood)
	- Mount
	 - Allow files of unkown size to be read properly (Nick Craig-Wood)
	 - Skip tests on <= 2 CPUs to avoid lockup (Nick Craig-Wood)
	 - Fix panic on File.Open (Nick Craig-Wood)
	 - Fix “mount_fusefs: -o timeout=: option not supported” on FreeBSD (Nick Craig-Wood)
	 - Don’t pass huge filenames (>4k) to FUSE as it can’t cope (Nick Craig-Wood)
	- VFS
	 - Add flag --vfs-case-insensitive for windows/macOS mounts (Ivan Andreev)
	 - Make objects of unknown size readable through the VFS (Nick Craig-Wood)
	 - Move writeback of dirty data out of close() method into its own method (FlushWrites) and remove close() call from Flush() (Brett Dutro)
	 - Stop empty dirs disappearing when renamed on bucket based remotes (Nick Craig-Wood)
	 - Stop change notify polling clearing so much of the directory cache (Nick Craig-Wood)
	- Azure Blob
	 - Disable logging to the Windows event log (Nick Craig-Wood)
	- B2
	 - Remove unverified: prefix on sha1 to improve interop (eg with CyberDuck) (Nick Craig-Wood)
	- Box
	 - Add options to get access token via JWT auth (David)
	- Drive
	 - Disable HTTP/2 by default to work around INTERNAL_ERROR problems (Nick Craig-Wood)
	 - Make sure that drive root ID is always canonical (Nick Craig-Wood)
	 - Fix --drive-shared-with-me from the root with lsand
--fast-list (Nick Craig-Wood)
	 - Fix ChangeNotify polling for shared drives (Nick Craig-Wood)
	 - Fix change notify polling when using appDataFolder (Nick Craig-Wood)
	- Dropbox
	 - Make disallowed filenames errors not retry (Nick Craig-Wood)
	 - Fix nil pointer exception on restricted files (Nick Craig-Wood)
	- Fichier
	 - Fix accessing files > 2GB on 32 bit systems (Nick Craig-Wood)
	- FTP
	 - Allow disabling EPSV mode (Jon Fautley)
	- HTTP
	 - HEAD directory entries in parallel to speedup (Nick Craig-Wood)
	 - Add --http-no-head to stop rclone doing HEAD in listings (Nick Craig-Wood)
	- Putio
	 - Add ability to resume uploads (Cenk Alti)
	- S3
	 - Fix signature v2_auth headers (Anthony Rusdi)
	 - Fix encoding for control characters (Nick Craig-Wood)
	 - Only ask for URL encoded directory listings if we need them on Ceph (Nick Craig-Wood)
	 - Add option for multipart failiure behaviour (Aleksandar Jankovic)
	 - Support for multipart copy (庄天翼)
	 - Fix nil pointer reference if no metadata returned for object (Nick Craig-Wood)
	- SFTP
	 - Fix --sftp-ask-password trying to contact the ssh agent (Nick Craig-Wood)
	 - Fix hashes of files with backslashes (Nick Craig-Wood)
	 - Include more ciphers with --sftp-use-insecure-cipher (Carlos Ferreyra)
	- WebDAV
	 - Parse and return Sharepoint error response (Henning Surmeier)
- Update to version 1.49.4
- Bug Fixes
- cmd/rcd: Address ZipSlip vulnerability (Richard Patel)
- accounting: Fix file handle leak on errors (Nick Craig-Wood)
- oauthutil: Fix security problem when running with two users on the same machine (Nick Craig-Wood)
- FTP
- Fix listing of an empty root returning: error dir not found (Nick Craig-Wood)
- S3
- Fix SetModTime on GLACIER/ARCHIVE objects and implement set/get tier (Nick Craig-Wood)
- Update to version 1.49.3
- Bug Fixes
- accounting
+ Fix total duration calculation (Aleksandar Jankovic)
+ Fix “file already closed” on transfer retries (Nick Craig-Wood)
- Update to version 1.49.2
- New Features
- build: Add Docker workflow support (Alfonso Montero)
- Bug Fixes
- accounting: Fix locking in Transfer to avoid deadlock with --progress (Nick Craig-Wood)
- docs: Fix template argument for mktemp in install.sh (Cnly)
- operations: Fix -u/--update with google photos / files of unknown size (Nick Craig-Wood)
- rc: Fix docs for config/create /update /password (Nick Craig-Wood)
- Google Cloud Storage
- Fix need for elevated permissions on SetModTime (Nick Craig-Wood)
- Update to version 1.49.1
- Bug Fixes
- config: Fix generated passwords being stored as empty password (Nick Craig-Wood)
- rcd: Added missing parameter for web-gui info logs.
(Chaitanya)
- Googlephotos
- Fix crash on error response (Nick Craig-Wood)
- Onedrive
- Fix crash on error response (Nick Craig-Wood)
- Update to version 1.49.0
- New backends
- 1fichier (Laura Hausmann)
- Google Photos (Nick Craig-Wood)
- Putio (Cenk Alti)
- premiumize.me (Nick Craig-Wood)
- New Features
- Experimental web GUI (Chaitanya Bankanhal)
- Implement --compare-dest & --copy-dest (yparitcher)
- Implement --suffix without --backup-dir for backup to current dir (yparitcher)
- config reconnect to re-login (re-run the oauth login) for the backend. (Nick Craig-Wood)
- config userinfo to discover which user you are logged in as. (Nick Craig-Wood)
- config disconnect to disconnect you (log out) from the backend. (Nick Craig-Wood)
- Add --use-json-log for JSON logging (justinalin)
- Add context propagation to rclone (Aleksandar Jankovic)
- Reworking internal statistics interfaces so they work with rc jobs (Aleksandar Jankovic)
- Add Higher units for ETA (AbelThar)
- Update rclone logos to new design (Andreas Chlupka)
- hash: Add CRC-32 support (Cenk Alti)
- help showbackend: Fixed advanced option category when there are no standard options (buengese)
- ncdu: Display/Copy to Clipboard Current Path (Gary Kim)
- operations :
+ Run hashing operations in parallel (Nick Craig-Wood)
+ Don’t calculate checksums when using
--ignore-checksum (Nick Craig-Wood)
+ Check transfer hashes when using --size-only mode (Nick Craig-Wood)
+ Disable multi thread copy for local to local copies (Nick Craig-Wood)
+ Debug successful hashes as well as failures (Nick Craig-Wood)
- rc
+ Add ability to stop async jobs (Aleksandar Jankovic)
+ Return current settings if core/bwlimit called without parameters (Nick Craig-Wood)
+ Rclone-WebUI integration with rclone (Chaitanya Bankanhal)
+ Added command line parameter to control the cross origin resource sharing (CORS) in the rcd. (Security Improvement) (Chaitanya Bankanhal)
+ Add anchor tags to the docs so links are consistent (Nick Craig-Wood)
+ Remove _async key from input parameters after parsing so later operations won’t get confused (buengese)
+ Add call to clear stats (Aleksandar Jankovic)
- rcd
+ Auto-login for web-gui (Chaitanya Bankanhal)
+ Implement --baseurl for rcd and web-gui (Chaitanya Bankanhal)
- serve dlna
+ Only select interfaces which can multicast for SSDP (Nick Craig-Wood)
+ Add more builtin mime types to cover standard audio/video (Nick Craig-Wood)
+ Fix missing mime types on Android causing missing videos (Nick Craig-Wood)
- serve ftp
+ Refactor to bring into line with other serve commands (Nick Craig-Wood)
+ Implement --auth-proxy (Nick Craig-Wood)
- serve http: Implement --baseurl (Nick Craig-Wood)
- serve restic: Implement --baseurl (Nick Craig-Wood)
- serve sftp
+ Implement auth proxy (Nick Craig-Wood)
+ Fix detection of whether server is authorized (Nick Craig-Wood)
- serve webdav
+ Implement --baseurl (Nick Craig-Wood)
+ Support --auth-proxy (Nick Craig-Wood)
- Bug Fixes
- Make “bad record MAC” a retriable error (Nick Craig-Wood)
- copyurl: Fix copying files that return HTTP errors (Nick Craig-Wood)
- march: Fix checking sub-directories when using
--no-traverse (buengese)
- rc
+ Fix unmarshalable http.AuthFn in options and put in test for marshalability (Nick Craig-Wood)
+ Move job expire flags to rc to fix initalization problem (Nick Craig-Wood)
+ Fix --loopback with rc/list and others (Nick Craig-Wood)
- rcat: Fix slowdown on systems with multiple hashes (Nick Craig-Wood)
- rcd: Fix permissions problems on cache directory with web gui download (Nick Craig-Wood)
- Mount
- Default --deamon-timout to 15 minutes on macOS and FreeBSD (Nick Craig-Wood)
- Update docs to show mounting from root OK for bucket based (Nick Craig-Wood)
- Remove nonseekable flag from write files (Nick Craig-Wood)
- VFS
- Make write without cache more efficient (Nick Craig-Wood)
- Fix --vfs-cache-mode minimal and writes ignoring cached files (Nick Craig-Wood)
- Local
- Add --local-case-sensitive and --local-case-insensitive (Nick Craig-Wood)
- Avoid polluting page cache when uploading local files to remote backends (Michał Matczuk)
- Don’t calculate any hashes by default (Nick Craig-Wood)
- Fadvise run syscall on a dedicated go routine (Michał Matczuk)
- Azure Blob
- Azure Storage Emulator support (Sandeep)
- Updated config help details to remove connection string references (Sandeep)
- Make all operations work from the root (Nick Craig-Wood)
- B2
- Implement link sharing (yparitcher)
- Enable server side copy to copy between buckets (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
- Drive
- Fix server side copy of big files (Nick Craig-Wood)
- Update API for teamdrive use (Nick Craig-Wood)
- Add error for purge with --drive-trashed-only (ginvine)
- Fichier
- Make FolderID int and adjust related code (buengese)
- Google Cloud Storage
- Reduce oauth scope requested as suggested by Google (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
- HTTP
- Add --http-headers flag for setting arbitrary headers (Nick Craig-Wood)
- Jottacloud
- Use new api for retrieving internal username (buengese)
- Refactor configuration and minor cleanup (buengese)
- Koofr
- Support setting modification times on Koofr backend.
(jaKa)
- Opendrive
- Refactor to use existing lib/rest facilities for uploads (Nick Craig-Wood)
- Qingstor
- Upgrade to v3 SDK and fix listing loop (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
- S3
- Add INTELLIGENT_TIERING storage class (Matti Niemenmaa)
- Make all operations work from the root (Nick Craig-Wood)
- SFTP
- Add missing interface check and fix About (Nick Craig-Wood)
- Completely ignore all modtime checks if SetModTime=false (Jon Fautley)
- Support md5/sha1 with rsync.net (Nick Craig-Wood)
- Save the md5/sha1 command in use to the config file for efficiency (Nick Craig-Wood)
- Opt-in support for diffie-hellman-group-exchange-sha256 diffie-hellman-group-exchange-sha1 (Yi FU)
- Swift
- Use FixRangeOption to fix 0 length files via the VFS (Nick Craig-Wood)
- Fix upload when using no_chunk to return the correct size (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
- Fix segments leak during failed large file uploads.
(nguyenhuuluan434)
- WebDAV
- Add --webdav-bearer-token-command (Nick Craig-Wood)
- Refresh token when it expires with
--webdav-bearer-token-command (Nick Craig-Wood)
- Add docs for using bearer_token_command with oidc-agent (Paul Millar)
- Fix executable permission
- Update to version 1.48.0
- New commands
- serve sftp: Serve an rclone remote over SFTP (Nick Craig-Wood)
- New Features
- Multi threaded downloads to local storage (Nick Craig-Wood) controlled with --multi-thread-cutoff and
--multi-thread-streams
- Use rclone.conf from rclone executable directory to enable portable use (albertony)
- Allow sync of a file and a directory with the same name (forgems) this is common on bucket based remotes, eg s3, gcs
- Add --ignore-case-sync for forced case insensitivity (garry415)
- Implement --stats-one-line-date and
--stats-one-line-date-format (Peter Berbec)
- Log an ERROR for all commands which exit with non-zero status (Nick Craig-Wood)
- Use go-homedir to read the home directory more reliably (Nick Craig-Wood)
- Enable creating encrypted config through external script invocation (Wojciech Smigielski)
- build: Drop support for go1.8 (Nick Craig-Wood)
- config: Make config create/update encrypt passwords where necessary (Nick Craig-Wood)
- copyurl: Honor --no-check-certificate (Stefan Breunig)
- install: Linux skip man pages if no mandb (didil)
- lsf: Support showing the Tier of the object (Nick Craig-Wood)
- lsjson
+ Added EncryptedPath to output (calisro)
+ Support showing the Tier of the object (Nick Craig-Wood)
+ Add IsBucket field for bucket based remote listing of the root (Nick Craig-Wood)
- rc
+ Add --loopback flag to run commands directly without a server (Nick Craig-Wood)
+ Add operations/fsinfo: Return information about the remote (Nick Craig-Wood)
+ Skip auth for OPTIONS request (Nick Craig-Wood)
+ cmd/providers: Add DefaultStr, ValueStr and Type fields (Nick Craig-Wood)
+ jobs: Make job expiry timeouts configurable (Aleksandar Jankovic)
- serve dlna reworked and improved (Dan Walters)
- serve ftp: add --ftp-public-ip flag to specify public IP (calistri)
- serve restic: Add support for --private-repos in serve restic (Florian Apolloner)
- serve webdav: Combine serve webdav and serve http (Gary Kim)
- size: Ignore negative sizes when calculating total (Garry McNulty)
- Bug Fixes
- Make move and copy individual files obey --backup-dir (Nick Craig-Wood)
- If --ignore-checksum is in effect, don’t calculate checksum (Nick Craig-Wood)
- moveto: Fix case-insensitive same remote move (Gary Kim)
- rc: Fix serving bucket based objects with --rc-serve (Nick Craig-Wood)
- serve webdav: Fix serveDir not being updated with changes from webdav (Gary Kim)
- Mount
- Fix poll interval documentation (Animosity022)
- VFS
- Make WriteAt for non cached files work with non-sequential writes (Nick Craig-Wood)
- Local
- Only calculate the required hashes for big speedup (Nick Craig-Wood)
- Log errors when listing instead of returning an error (Nick Craig-Wood)
- Fix preallocate warning on Linux with ZFS (Nick Craig-Wood)
- Crypt
- Make rclone dedupe work through crypt (Nick Craig-Wood)
- Fix wrapping of ChangeNotify to decrypt directories properly (Nick Craig-Wood)
- Support PublicLink (rclone link) of underlying backend (Nick Craig-Wood)
- Implement Optional methods SetTier, GetTier (Nick Craig-Wood)
- B2
- Implement server side copy (Nick Craig-Wood)
- Implement SetModTime (Nick Craig-Wood)
- Drive
- Fix move and copy from TeamDrive to GDrive (Fionera)
- Add notes that cleanup works in the background on drive (Nick Craig-Wood)
- Add --drive-server-side-across-configs to default back to old server side copy semantics by default (Nick Craig-Wood)
- Add --drive-size-as-quota to show storage quota usage for file size (Garry McNulty)
- FTP
- Add FTP List timeout (Jeff Quinn)
- Add FTP over TLS support (Gary Kim)
- Add --ftp-no-check-certificate option for FTPS (Gary Kim)
- Google Cloud Storage
- Fix upload errors when uploading pre 1970 files (Nick Craig-Wood)
- Jottacloud
- Add support for selecting device and mountpoint.
(buengese)
- Mega
- Add cleanup support (Gary Kim)
- Onedrive
- More accurately check if root is found (Cnly)
- S3
- Suppport S3 Accelerated endpoints with
--s3-use-accelerate-endpoint (Nick Craig-Wood)
- Add config info for Wasabi’s EU Central endpoint (Robert Marko)
- Make SetModTime work for GLACIER while syncing (Philip Harvey)
- SFTP
- Add About support (Gary Kim)
- Fix about parsing of df results so it can cope with -ve results (Nick Craig-Wood)
- Send custom client version and debug server version (Nick Craig-Wood)
- WebDAV
- Retry on 423 Locked errors (Nick Craig-Wood)
Solution
Update the affected rclone packages.See Also
https://bugzilla.opensuse.org/show_bug.cgi?id=1179005
Plugin Details
Severity: High
ID: 143316
File Name: openSUSE-2020-2035.nasl
Version: 1.4
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 11/30/2020
Updated: 2/7/2024
Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2020-28924
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:novell:opensuse:rclone, p-cpe:/a:novell:opensuse:rclone-bash-completion, p-cpe:/a:novell:opensuse:rclone-debuginfo, p-cpe:/a:novell:opensuse:rclone-zsh-completion, cpe:/o:novell:opensuse:15.1
Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/26/2020
Vulnerability Publication Date: 11/19/2020
Reference Information
CVE: CVE-2020-28924