openSUSE Updates
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
November 2020
- 2 participants
- 330 discussions
[opensuse-updates] openSUSE-RU-2020:2043-1: moderate: Recommended update for hawk-apiserver
by maintenance@opensuse.org 26 Nov '20
by maintenance@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Recommended Update: Recommended update for hawk-apiserver
______________________________________________________________________________
Announcement ID: openSUSE-RU-2020:2043-1
Rating: moderate
References: #1178228
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for hawk-apiserver fixes the following issues:
- Update from version 0.0.2 to version 0.0.4:
- various enhancement security https related (bsc#1178228)
- update to go modules
- add -version flag to show build version
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2043=1
Package List:
- openSUSE Leap 15.1 (x86_64):
hawk-apiserver-0.0.4+git.1604696958.cd5cdf1-lp151.3.3.1
References:
https://bugzilla.suse.com/1178228
1
0
[opensuse-updates] openSUSE-SU-2020:2035-1: moderate: Security update for rclone
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for rclone
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2035-1
Rating: moderate
References: #1179005
Cross-References: CVE-2020-28924
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rclone fixes the following issues:
rclone was updated to version 1.53.3:
* Bug Fixes
- Fix incorrect use of math/rand instead of crypto/rand CVE-2020-28924
boo#1179005 (Nick Craig-Wood)
- Check https://github.com/rclone/passwordcheck for a tool check for
weak passwords generated by rclone
* VFS
- Fix vfs/refresh calls with fs= parameter (Nick Craig-Wood)
* Sharefile
- Fix backend due to API swapping integers for strings (Nick
Craig-Wood)
Update to 1.53.2:
* Bug Fixes
- accounting
+ Fix incorrect speed and transferTime in core/stats (Nick
Craig-Wood)
+ Stabilize display order of transfers on Windows (Nick Craig-Wood)
- operations
+ Fix use of --suffix without --backup-dir (Nick Craig-Wood)
+ Fix spurious "--checksum is in use but the source and destination
have no hashes in common" (Nick Craig-Wood)
- build
+ Work around GitHub actions brew problem (Nick Craig-Wood)
+ Stop using set-env and set-path in the GitHub actions (Nick
Craig-Wood)
* Mount
- mount2: Fix the swapped UID / GID values (Russell Cattelan)
* VFS
- Detect and recover from a file being removed externally from the
cache (Nick Craig-Wood)
- Fix a deadlock vulnerability in downloaders.Close (Leo Luan)
- Fix a race condition in retryFailedResets (Leo Luan)
- Fix missed concurrency control between some item operations and
reset (Leo Luan)
- Add exponential backoff during ENOSPC retries (Leo Luan)
- Add a missed update of used cache space (Leo Luan)
- Fix --no-modtime to not attempt to set modtimes (as documented)
(Nick Craig-Wood)
* Local
- Fix sizes and syncing with --links option on Windows (Nick
Craig-Wood)
* Chunker
- Disable ListR to fix missing files on GDrive (workaround) (Ivan
Andreev)
- Fix upload over crypt (Ivan Andreev)
* Fichier
- Increase maximum file size from 100GB to 300GB (gyutw)
* Jottacloud
- Remove clientSecret from config when upgrading to token based
authentication (buengese)
- Avoid double url escaping of device/mountpoint (albertony)
- Remove DirMove workaround as it's not required anymore - also
(buengese)
* Mailru
- Fix uploads after recent changes on server (Ivan Andreev)
- Fix range requests after june changes on server (Ivan Andreev)
- Fix invalid timestamp on corrupted files (fixes) (Ivan Andreev)
* Onedrive
- Fix disk usage for sharepoint (Nick Craig-Wood)
* S3
- Add missing regions for AWS (Anagh Kumar Baranwal)
* Seafile
- Fix accessing libraries > 2GB on 32 bit systems (Muffin King)
* SFTP
- Always convert the checksum to lower case (buengese)
* Union
- Create root directories if none exist (Nick Craig-Wood)
Update to version 1.53.1:
* Bug Fixes
- accounting: Remove new line from end of --stats-one-line display
* VFS
- Fix spurious error "vfs cache: failed to _ensure cache EOF"
- Log an ERROR if we fail to set the file to be sparse
* Local
- Log an ERROR if we fail to set the file to be sparse
* Drive
- Re-adds special oauth help text
* Opendrive
- Do not retry 400 errors
Update to version 1.53.0
* New Features
- The VFS layer was heavily reworked for this release - see below for
more details
- Interactive mode -i/--interactive for destructive operations
(fishbullet)
- Add --bwlimit-file flag to limit speeds of individual file transfers
(Nick Craig-Wood)
- Transfers are sorted by start time in the stats and progress output
(Max Sum)
- Make sure backends expand ~ and environment vars in file names they
use (Nick Craig-Wood)
- Add --refresh-times flag to set modtimes on hashless backends (Nick
Craig-Wood)
- rclone check
+ Add reporting of filenames for same/missing/changed (Nick
Craig-Wood)
+ Make check command obey --dry-run/-i/--interactive (Nick
Craig-Wood)
+ Make check do --checkers files concurrently (Nick Craig-Wood)
+ Retry downloads if they fail when using the --download flag (Nick
Craig-Wood)
+ Make it show stats by default (Nick Craig-Wood)
- rclone config
+ Set RCLONE_CONFIG_DIR for use in config files and subprocesses
(Nick Craig-Wood)
+ Reject remote names starting with a dash. (jtagcat)
- rclone cryptcheck: Add reporting of filenames for
same/missing/changed (Nick Craig-Wood)
- rclone dedupe: Make it obey the --size-only flag for duplicate
detection (Nick Craig-Wood)
- rclone link: Add --expire and --unlink flags (Roman Kredentser)
- rclone mkdir: Warn when using mkdir on remotes which can't have
empty directories (Nick Craig-Wood)
- rclone rc: Allow JSON parameters to simplify command line usage
(Nick Craig-Wood)
- rclone serve ftp
+ Don't compile on < go1.13 after dependency update (Nick Craig-Wood)
+ Add error message if auth proxy fails (Nick Craig-Wood)
+ Use refactored goftp.io/server library for binary shrink (Nick
Craig-Wood)
- rclone serve restic: Expose interfaces so that rclone can be used as
a library from within restic (Jack)
- rclone sync: Add --track-renames-strategy leaf (Nick Craig-Wood)
- rclone touch: Add ability to set nanosecond resolution times (Nick
Craig-Wood)
- rclone tree: Remove -i shorthand for --noindent as it conflicts with
-i/--interactive (Nick Craig-Wood)
* Bug Fixes
* Mount
- rc interface
+ Add call for unmount all (Chaitanya Bankanhal)
+ Make mount/mount remote control take vfsOpt option (Nick
Craig-Wood)
+ Add mountOpt to mount/mount (Nick Craig-Wood)
+ Add VFS and Mount options to mount/listmounts (Nick Craig-Wood)
- Catch panics in cgofuse initialization and turn into error messages
(Nick Craig-Wood)
- Always supply stat information in Readdir (Nick Craig-Wood)
- Add support for reading unknown length files using direct IO
(Windows) (Nick Craig-Wood)
- Fix On Windows don't add -o uid/gid=-1 if user supplies -o uid/gid.
(Nick Craig-Wood)
- Fix volume name broken in recent refactor (Nick Craig-Wood)
* VFS
- Implement partial reads for --vfs-cache-mode full (Nick Craig-Wood)
- Add --vfs-writeback option to delay writes back to cloud storage
(Nick Craig-Wood)
- Add --vfs-read-ahead parameter for use with --vfs-cache-mode full
(Nick Craig-Wood)
- Restart pending uploads on restart of the cache (Nick Craig-Wood)
- Support synchronous cache space recovery upon ENOSPC (Leo Luan)
- Allow ReadAt and WriteAt to run concurrently with themselves (Nick
Craig-Wood)
- Change modtime of file before upload to current (Rob Calistri)
- Recommend --vfs-cache-modes writes on backends which can't stream
(Nick Craig-Wood)
- Add an optional fs parameter to vfs rc methods (Nick Craig-Wood)
- Fix errors when using > 260 char files in the cache in Windows (Nick
Craig-Wood)
- Fix renaming of items while they are being uploaded (Nick Craig-Wood)
- Fix very high load caused by slow directory listings (Nick
Craig-Wood)
- Fix renamed files not being uploaded with --vfs-cache-mode minimal
(Nick Craig-Wood)
- Fix directory locking caused by slow directory listings (Nick
Craig-Wood)
- Fix saving from chrome without --vfs-cache-mode writes (Nick
Craig-Wood)
* Crypt Add --crypt-server-side-across-configs flag (Nick Craig-Wood)
Make any created backends be cached to fix rc problems (Nick
Craig-Wood)
* Azure Blob Don't compile on < go1.13 after dependency update (Nick
Craig-Wood)
* B2 Implement server side copy for files > 5GB (Nick Craig-Wood) Cancel
in progress multipart uploads and copies on rclone exit (Nick
Craig-Wood) Note that b2's encoding now allows \ but rclone's hasn't
changed (Nick Craig-Wood) Fix transfers when using download_url (Nick
Craig-Wood)
* Box
- Implement rclone cleanup (buengese)
- Cancel in progress multipart uploads and copies on rclone exit (Nick
Craig-Wood)
- Allow authentication with access token (David)
* Chunker
- Make any created backends be cached to fix rc problems (Nick
Craig-Wood)
* Drive
- Add rclone backend drives to list shared drives (teamdrives) (Nick
Craig-Wood)
- Implement rclone backend untrash (Nick Craig-Wood)
- Work around drive bug which didn't set modtime of copied docs (Nick
Craig-Wood)
- Added --drive-starred-only to only show starred files (Jay McEntire)
- Deprecate --drive-alternate-export as it is no longer needed
(themylogin)
- Fix duplication of Google docs on server side copy (Nick Craig-Wood)
- Fix "panic: send on closed channel" when recycling dir entries (Nick
Craig-Wood)
* Dropbox
- Add copyright detector info in limitations section in the docs (Alex
Guerrero)
- Fix rclone link by removing expires parameter (Nick Craig-Wood)
* Fichier
- Detect Flood detected: IP Locked error and sleep for 30s (Nick
Craig-Wood)
* FTP
- Add explicit TLS support (Heiko Bornholdt)
- Add support for --dump bodies and --dump auth for debugging (Nick
Craig-Wood)
- Fix interoperation with pure-ftpd (Nick Craig-Wood)
* Google Cloud Storage
- Add support for anonymous access (Kai L��ke)
* Jottacloud
- Bring back legacy authentification for use with whitelabel versions
(buengese)
- Switch to new api root - also implement a very ugly workaround for
the DirMove failures (buengese)
* Onedrive
- Rework cancel of multipart uploads on rclone exit (Nick Craig-Wood)
- Implement rclone cleanup (Nick Craig-Wood)
- Add --onedrive-no-versions flag to remove old versions (Nick
Craig-Wood)
* Pcloud
- Implement rclone link for public link creation (buengese)
* Qingstor
- Cancel in progress multipart uploads on rclone exit (Nick Craig-Wood)
* S3
- Preserve metadata when doing multipart copy (Nick Craig-Wood)
- Cancel in progress multipart uploads and copies on rclone exit (Nick
Craig-Wood)
- Add rclone link for public link sharing (Roman Kredentser)
- Add rclone backend restore command to restore objects from GLACIER
(Nick Craig-Wood)
- Add rclone cleanup and rclone backend cleanup to clean unfinished
multipart uploads (Nick Craig-Wood)
- Add rclone backend list-multipart-uploads to list unfinished
multipart uploads (Nick Craig-Wood)
- Add --s3-max-upload-parts support (Kamil Trzci��ski)
- Add --s3-no-check-bucket for minimising rclone transactions and
perms (Nick Craig-Wood)
- Add --s3-profile and --s3-shared-credentials-file options (Nick
Craig-Wood)
- Use regional s3 us-east-1 endpoint (David)
- Add Scaleway provider (Vincent Feltz)
- Update IBM COS endpoints (Egor Margineanu)
- Reduce the default --s3-copy-cutoff to < 5GB for Backblaze S3
compatibility (Nick Craig-Wood)
- Fix detection of bucket existing (Nick Craig-Wood)
* SFTP
- Use the absolute path instead of the relative path for listing for
improved compatibility (Nick Craig-Wood)
- Add --sftp-subsystem and --sftp-server-command options (aus)
* Swift
- Fix dangling large objects breaking the listing (Nick Craig-Wood)
- Fix purge not deleting directory markers (Nick Craig-Wood)
- Fix update multipart object removing all of its own parts (Nick
Craig-Wood)
- Fix missing hash from object returned from upload (Nick Craig-Wood)
* Tardigrade
- Upgrade to uplink v1.2.0 (Kaloyan Raev)
* Union
- Fix writing with the all policy (Nick Craig-Wood)
* WebDAV
- Fix directory creation with 4shared (Nick Craig-Wood)
- Update to version 1.52.3
* Bug Fixes
- docs
+ Disable smart typography (eg en-dash) in MANUAL.* and man page
(Nick Craig-Wood)
+ Update install.md to reflect minimum Go version (Evan Harris)
+ Update install from source instructions (Nick Craig-Wood)
+ make_manual: Support SOURCE_DATE_EPOCH (Morten Linderud)
- log: Fix --use-json-log going to stderr not --log-file on Windows
(Nick Craig-Wood)
- serve dlna: Fix file list on Samsung Series 6+ TVs (Matteo Pietro
Dazzi)
- sync: Fix deadlock with --track-renames-strategy modtime (Nick
Craig-Wood)
* Cache
- Fix moveto/copyto remote:file remote:file2 (Nick Craig-Wood)
* Drive
- Stop using root_folder_id as a cache (Nick Craig-Wood)
- Make dangling shortcuts appear in listings (Nick Craig-Wood)
- Drop "Disabling ListR" messages down to debug (Nick Craig-Wood)
- Workaround and policy for Google Drive API (Dmitry Ustalov)
* FTP
- Add note to docs about home vs root directory selection (Nick
Craig-Wood)
* Onedrive
- Fix reverting to Copy when Move would have worked (Nick Craig-Wood)
- Avoid comma rendered in URL in onedrive.md (Kevin)
* Pcloud
- Fix oauth on European region "eapi.pcloud.com" (Nick Craig-Wood)
* S3
- Fix bucket Region auto detection when Region unset in config (Nick
Craig-Wood)
- Update to version 1.52.2
* Bug Fixes
- build
+ Fix docker release build action (Nick Craig-Wood)
+ Fix custom timezone in Docker image (NoLooseEnds)
- check: Fix misleading message which printed errors instead of
differences (Nick Craig-Wood)
- errors: Add WSAECONNREFUSED and more to the list of retriable
Windows errors (Nick Craig-Wood)
- rcd: Fix incorrect prometheus metrics (Gary Kim)
- serve restic: Fix flags so they use environment variables (Nick
Craig-Wood)
- serve webdav: Fix flags so they use environment variables (Nick
Craig-Wood)
- sync: Fix --track-renames-strategy modtime (Nick Craig-Wood)
* Drive
- Fix not being able to delete a directory with a trashed shortcut
(Nick Craig-Wood)
- Fix creating a directory inside a shortcut (Nick Craig-Wood)
- Fix --drive-impersonate with cached root_folder_id (Nick Craig-Wood)
* SFTP
- Fix SSH key PEM loading (Zac Rubin)
* Swift
- Speed up deletes by not retrying segment container deletes (Nick
Craig-Wood)
* Tardigrade
- Upgrade to uplink v1.1.1 (Caleb Case)
* WebDAV
- Fix free/used display for rclone about/df for certain backends (Nick
Craig-Wood)
- Update to version 1.52.1
* VFS
- Fix OS vs Unix path confusion - fixes ChangeNotify on Windows (Nick
Craig-Wood)
* Drive
- Fix missing items when listing using --fast-list / ListR (Nick
Craig-Wood)
* Putio
- Fix panic on Object.Open (Cenk Alti)
* S3
- Fix upload of single files into buckets without create permission
(Nick Craig-Wood)
- Fix --header-upload (Nick Craig-Wood)
* Tardigrade
- Fix listing bug by upgrading to v1.0.7
- Set UserAgent to rclone (Caleb Case)
- Update to version 1.52.0
* New backends
- Tardigrade backend for use with storj.io (Caleb Case)
- Union re-write to have multiple writable remotes (Max Sum)
- Seafile for Seafile server (Fred @creativeprojects)
* New commands
- backend: command for backend specific commands (see backends) (Nick
Craig-Wood)
- cachestats: Deprecate in favour of rclone backend stats cache: (Nick
Craig-Wood)
- dbhashsum: Deprecate in favour of rclone hashsum DropboxHash (Nick
Craig-Wood)
* New Features
- Add --header-download and --header-upload flags for setting HTTP
headers when uploading/downloading (Tim Gallant)
- Add --header flag to add HTTP headers to every HTTP transaction
(Nick Craig-Wood)
- Add --check-first to do all checking before starting transfers (Nick
Craig-Wood)
- Add --track-renames-strategy for configurable matching criteria for
--track-renames (Bernd Schoolmann)
- Add --cutoff-mode hard,soft,catious (Shing Kit Chan & Franklyn
Tackitt)
- Filter flags (eg --files-from -) can read from stdin (fishbullet)
- Add --error-on-no-transfer option (Jon Fautley)
- Implement --order-by xxx,mixed for copying some small and some big
files (Nick Craig-Wood)
- Allow --max-backlog to be negative meaning as large as possible
(Nick Craig-Wood)
- Added --no-unicode-normalization flag to allow Unicode filenames to
remain unique (Ben Zenker)
- Allow --min-age/--max-age to take a date as well as a duration (Nick
Craig-Wood)
- Add rename statistics for file and directory renames (Nick
Craig-Wood)
- Add statistics output to JSON log (reddi)
- Make stats be printed on non-zero exit code (Nick Craig-Wood)
- When running --password-command allow use of stdin (S��bastien Gross)
- Stop empty strings being a valid remote path (Nick Craig-Wood)
- accounting: support WriterTo for less memory copying (Nick
Craig-Wood)
- build
+ Update to use go1.14 for the build (Nick Craig-Wood)
+ Add -trimpath to release build for reproduceable builds (Nick
Craig-Wood)
+ Remove GOOS and GOARCH from Dockerfile (Brandon Philips)
- config
+ Fsync the config file after writing to save more reliably (Nick
Craig-Wood)
+ Add --obscure and --no-obscure flags to config create/update
(Nick Craig-Wood)
+ Make config show take remote: as well as remote (Nick Craig-Wood)
- copyurl: Add --no-clobber flag (Denis)
- delete: Added --rmdirs flag to delete directories as well (Kush)
- filter: Added --files-from-raw flag (Ankur Gupta)
- genautocomplete: Add support for fish shell (Matan Rosenberg)
- log: Add support for syslog LOCAL facilities (Patryk Jakuszew)
- lsjson: Add --hash-type parameter and use it in lsf to speed up
hashing (Nick Craig-Wood)
- rc
+ Add -o/--opt and -a/--arg for more structured input (Nick
Craig-Wood)
+ Implement backend/command for running backend specific commands
remotely (Nick Craig-Wood)
+ Add mount/mount command for starting rclone mount via the API
(Chaitanya)
- rcd: Add Prometheus metrics support (Gary Kim)
- serve http
+ Added a --template flag for user defined markup (calistri)
+ Add Last-Modified headers to files and directories (Nick
Craig-Wood)
- serve sftp: Add support for multiple host keys by repeating --key
flag (Maxime Suret)
- touch: Add --localtime flag to make --timestamp localtime not UTC
(Nick Craig-Wood)
* Bug Fixes
- accounting
+ Restore "Max number of stats groups reached" log line (Micha��
Matczuk)
+ Correct exitcode on Transfer Limit Exceeded flag. (Anuar
Serdaliyev)
+ Reset bytes read during copy retry (Ankur Gupta)
+ Fix race clearing stats (Nick Craig-Wood)
- copy: Only create empty directories when they don't exist on the
remote (Ishuah Kariuki)
- dedupe: Stop dedupe deleting files with identical IDs (Nick
Craig-Wood)
- oauth
+ Use custom http client so that --no-check-certificate is honored
by oauth token fetch (Mark Spieth)
+ Replace deprecated oauth2.NoContext (Lars Lehtonen)
- operations
+ Fix setting the timestamp on Windows for multithread copy (Nick
Craig-Wood)
+ Make rcat obey --ignore-checksum (Nick Craig-Wood)
+ Make --max-transfer more accurate (Nick Craig-Wood)
- rc
+ Fix dropped error (Lars Lehtonen)
+ Fix misplaced http server config (Xiaoxing Ye)
+ Disable duplicate log (ElonH)
- serve dlna
+ Cds: don't specify childCount at all when unknown (Dan Walters)
+ Cds: use modification time as date in dlna metadata (Dan Walters)
- serve restic: Fix tests after restic project removed vendoring (Nick
Craig-Wood)
- sync
+ Fix incorrect "nothing to transfer" message using --delete-before
(Nick Craig-Wood)
+ Only create empty directories when they don't exist on the remote
(Ishuah Kariuki)
* Mount
- Add --async-read flag to disable asynchronous reads (Nick Craig-Wood)
- Ignore --allow-root flag with a warning as it has been removed
upstream (Nick Craig-Wood)
- Warn if --allow-non-empty used on Windows and clarify docs (Nick
Craig-Wood)
- Constrain to go1.13 or above otherwise bazil.org/fuse fails to
compile (Nick Craig-Wood)
- Fix fail because of too long volume name (evileye)
- Report 1PB free for unknown disk sizes (Nick Craig-Wood)
- Map more rclone errors into file systems errors (Nick Craig-Wood)
- Fix disappearing cwd problem (Nick Craig-Wood)
- Use ReaddirPlus on Windows to improve directory listing performance
(Nick Craig-Wood)
- Send a hint as to whether the filesystem is case insensitive or not
(Nick Craig-Wood)
- Add rc command mount/types (Nick Craig-Wood)
- Change maximum leaf name length to 1024 bytes (Nick Craig-Wood)
* VFS
- Add --vfs-read-wait and --vfs-write-wait flags to control time
waiting for a sequential read/write (Nick Craig-Wood)
- Change default --vfs-read-wait to 20ms (it was 5ms and not
configurable) (Nick Craig-Wood)
- Make df output more consistent on a rclone mount. (Yves G)
- Report 1PB free for unknown disk sizes (Nick Craig-Wood)
- Fix race condition caused by unlocked reading of Dir.path (Nick
Craig-Wood)
- Make File lock and Dir lock not overlap to avoid deadlock (Nick
Craig-Wood)
- Implement lock ordering between File and Dir to eliminate deadlocks
(Nick Craig-Wood)
- Factor the vfs cache into its own package (Nick Craig-Wood)
- Pin the Fs in use in the Fs cache (Nick Craig-Wood)
- Add SetSys() methods to Node to allow caching stuff on a node (Nick
Craig-Wood)
- Ignore file not found errors from Hash in Read.Release (Nick
Craig-Wood)
- Fix hang in read wait code (Nick Craig-Wood)
* Local
- Speed up multi thread downloads by using sparse files on Windows
(Nick Craig-Wood)
- Implement --local-no-sparse flag for disabling sparse files (Nick
Craig-Wood)
- Implement rclone backend noop for testing purposes (Nick Craig-Wood)
- Fix "file not found" errors on post transfer Hash calculation (Nick
Craig-Wood)
* Cache
- Implement rclone backend stats command (Nick Craig-Wood)
- Fix Server Side Copy with Temp Upload (Brandon McNama)
- Remove Unused Functions (Lars Lehtonen)
- Disable race tests until bbolt is fixed (Nick Craig-Wood)
- Move methods used for testing into test file (greatroar)
- Add Pin and Unpin and canonicalised lookup (Nick Craig-Wood)
- Use proper import path go.etcd.io/bbolt (Robert-Andr�� Mauchin)
* Crypt
- Calculate hashes for uploads from local disk (Nick Craig-Wood)
+ This allows crypted Jottacloud uploads without using local disk
+ This means crypted s3/b2 uploads will now have hashes
- Added rclone backend decode/encode commands to replicate
functionality of cryptdecode (Anagh Kumar Baranwal)
- Get rid of the unused Cipher interface as it obfuscated the code
(Nick Craig-Wood)
* Azure Blob
- Implement streaming of unknown sized files so rcat is now supported
(Nick Craig-Wood)
- Implement memory pooling to control memory use (Nick Craig-Wood)
- Add --azureblob-disable-checksum flag (Nick Craig-Wood)
- Retry InvalidBlobOrBlock error as it may indicate block concurrency
problems (Nick Craig-Wood)
- Remove unused Object.parseTimeString() (Lars Lehtonen)
- Fix permission error on SAS URL limited to container (Nick
Craig-Wood)
* B2
- Add support for --header-upload and --header-download (Tim Gallant)
- Ignore directory markers at the root also (Nick Craig-Wood)
- Force the case of the SHA1 to lowercase (Nick Craig-Wood)
- Remove unused largeUpload.clearUploadURL() (Lars Lehtonen)
* Box
- Add support for --header-upload and --header-download (Tim Gallant)
- Implement About to read size used (Nick Craig-Wood)
- Add token renew function for jwt auth (David Bramwell)
- Added support for interchangeable root folder for Box backend (Sunil
Patra)
- Remove unnecessary iat from jws claims (David)
* Drive
- Follow shortcuts by default, skip with --drive-skip-shortcuts (Nick
Craig-Wood)
- Implement rclone backend shortcut command for creating shortcuts
(Nick Craig-Wood)
- Added rclone backend command to change service_account_file and
chunk_size (Anagh Kumar Baranwal)
- Fix missing files when using --fast-list and --drive-shared-with-me
(Nick Craig-Wood)
- Fix duplicate items when using --drive-shared-with-me (Nick
Craig-Wood)
- Extend --drive-stop-on-upload-limit to respond to
teamDriveFileLimitExceeded. (harry)
- Don't delete files with multiple parents to avoid data loss (Nick
Craig-Wood)
- Server side copy docs use default description if empty (Nick
Craig-Wood)
* Dropbox
- Make error insufficient space to be fatal (harry)
- Add info about required redirect url (Elan Ruusam��e)
* Fichier
- Add support for --header-upload and --header-download (Tim Gallant)
- Implement custom pacer to deal with the new rate limiting (buengese)
* FTP
- Fix lockup when using concurrency limit on failed connections (Nick
Craig-Wood)
- Fix lockup on failed upload when using concurrency limit (Nick
Craig-Wood)
- Fix lockup on Close failures when using concurrency limit (Nick
Craig-Wood)
- Work around pureftp sending spurious 150 messages (Nick Craig-Wood)
* Google Cloud Storage
- Add support for --header-upload and --header-download (Nick
Craig-Wood)
- Add ARCHIVE storage class to help (Adam Stroud)
- Ignore directory markers at the root (Nick Craig-Wood)
* Googlephotos
- Make the start year configurable (Daven)
- Add support for --header-upload and --header-download (Tim Gallant)
- Create feature/favorites directory (Brandon Philips)
- Fix "concurrent map write" error (Nick Craig-Wood)
- Don't put an image in error message (Nick Craig-Wood)
* HTTP
- Improved directory listing with new template from Caddy project
(calisro)
* Jottacloud
- Implement --jottacloud-trashed-only (buengese)
- Add support for --header-upload and --header-download (Tim Gallant)
- Use RawURLEncoding when decoding base64 encoded login token
(buengese)
- Implement cleanup (buengese)
- Update docs regarding cleanup, removed remains from old auth, and
added warning about special mountpoints. (albertony)
* Mailru
- Describe 2FA requirements (valery1707)
* Onedrive
- Implement --onedrive-server-side-across-configs (Nick Craig-Wood)
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix occasional 416 errors on multipart uploads (Nick Craig-Wood)
- Added maximum chunk size limit warning in the docs (Harry)
- Fix missing drive on config (Nick Craig-Wood)
- Make error quotaLimitReached to be fatal (harry)
* Opendrive
- Add support for --header-upload and --header-download (Tim Gallant)
* Pcloud
- Added support for interchangeable root folder for pCloud backend
(Sunil Patra)
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix initial config "Auth state doesn't match" message (Nick
Craig-Wood)
* Premiumizeme
- Add support for --header-upload and --header-download (Tim Gallant)
- Prune unused functions (Lars Lehtonen)
* Putio
- Add support for --header-upload and --header-download (Nick
Craig-Wood)
- Make downloading files use the rclone http Client (Nick Craig-Wood)
- Fix parsing of remotes with leading and trailing / (Nick Craig-Wood)
* Qingstor
- Make rclone cleanup remove pending multipart uploads older than 24h
(Nick Craig-Wood)
- Try harder to cancel failed multipart uploads (Nick Craig-Wood)
- Prune multiUploader.list() (Lars Lehtonen)
- Lint fix (Lars Lehtonen)
* S3
- Add support for --header-upload and --header-download (Tim Gallant)
- Use memory pool for buffer allocations (Maciej Zimnoch)
- Add SSE-C support for AWS, Ceph, and MinIO (Jack Anderson)
- Fail fast multipart upload (Micha�� Matczuk)
- Report errors on bucket creation (mkdir) correctly (Nick Craig-Wood)
- Specify that Minio supports URL encoding in listings (Nick
Craig-Wood)
- Added 500 as retryErrorCode (Micha�� Matczuk)
- Use --low-level-retries as the number of SDK retries (Aleksandar
Jankovi��)
- Fix multipart abort context (Aleksandar Jankovic)
- Replace deprecated session.New() with session.NewSession() (Lars
Lehtonen)
- Use the provided size parameter when allocating a new memory pool
(Joachim Brandon LeBlanc)
- Use rclone's low level retries instead of AWS SDK to fix listing
retries (Nick Craig-Wood)
- Ignore directory markers at the root also (Nick Craig-Wood)
- Use single memory pool (Micha�� Matczuk)
- Do not resize buf on put to memBuf (Micha�� Matczuk)
- Improve docs for --s3-disable-checksum (Nick Craig-Wood)
- Don't leak memory or tokens in edge cases for multipart upload (Nick
Craig-Wood)
* Seafile
- Implement 2FA (Fred)
* SFTP
- Added --sftp-pem-key to support inline key files (calisro)
- Fix post transfer copies failing with 0 size when using
set_modtime=false (Nick Craig-Wood)
* Sharefile
- Add support for --header-upload and --header-download (Tim Gallant)
* Sugarsync
- Add support for --header-upload and --header-download (Tim Gallant)
* Swift
- Add support for --header-upload and --header-download (Nick
Craig-Wood)
- Fix cosmetic issue in error message (Martin Michlmayr)
* Union
- Implement multiple writable remotes (Max Sum)
- Fix server-side copy (Max Sum)
- Implement ListR (Max Sum)
- Enable ListR when upstreams contain local (Max Sum)
* WebDAV
- Add support for --header-upload and --header-download (Tim Gallant)
- Fix X-OC-Mtime header for Transip compatibility (Nick Craig-Wood)
- Report full and consistent usage with about (Yves G)
* Yandex
- Add support for --header-upload and --header-download (Tim Gallant)
- Update to version 1.51.0
* See https://rclone.org/changelog/#v1-51-0-2020-02-01 for the complete
changelog.
- Update to version 1.50.2
* Bug Fixes
- accounting: Fix memory leak on retries operations (Nick Craig-Wood)
* Drive
- Fix listing of the root directory with drive.files scope (Nick
Craig-Wood)
- Fix --drive-root-folder-id with team/shared drives (Nick Craig-Wood)
- Update to version 1.50.1
* Bug Fixes
- hash: Fix accidentally changed hash names for DropboxHash and CRC-32
(Nick Craig-Wood)
- fshttp: Fix error reporting on tpslimit token bucket errors (Nick
Craig-Wood)
- fshttp: Don���t print token bucket errors on context cancelled (Nick
Craig-Wood)
* Local
- Fix listings of . on Windows (Nick Craig-Wood)
* Onedrive
- Fix DirMove/Move after Onedrive change (Xiaoxing Ye)
- Update to version 1.50.0
* New backends
- Citrix Sharefile (Nick Craig-Wood)
- Chunker - an overlay backend to split files into smaller parts (Ivan
Andreev)
- Mail.ru Cloud (Ivan Andreev)
* New Features
- encodings (Fabian M��ller & Nick Craig-Wood)
+ All backends now use file name encoding to ensure any file name can be
written to any backend.
+ See the restricted file name docs for more info and the local backend
docs.
+ Some file names may look different in rclone if you are using any
control characters in names or unicode FULLWIDTH symbols.
- build
+ Update to use go1.13 for the build (Nick Craig-Wood)
+ Drop support for go1.9 (Nick Craig-Wood)
+ Build rclone with GitHub actions (Nick Craig-Wood)
+ Convert python scripts to python3 (Nick Craig-Wood)
+ Swap Azure/go-ansiterm for mattn/go-colorable (Nick Craig-Wood)
+ Dockerfile fixes (Matei David)
+ Add plugin support for backends and commands (Richard Patel)
- config
+ Use alternating Red/Green in config to make more obvious (Nick
Craig-Wood)
- contrib
+ Add sample DLNA server Docker Compose manifest. (pataquets)
+ Add sample WebDAV server Docker Compose manifest. (pataquets)
- copyurl
+ Add --auto-filename flag for using file name from URL in destination
path (Denis)
- serve dlna:
+ Many compatability improvements (Dan Walters)
+ Support for external srt subtitles (Dan Walters)
- rc
+ Added command core/quit (Saksham Khanna)
* Bug Fixes
- sync
+ Make --update/-u not transfer files that haven���t changed (Nick
Craig-Wood)
+ Free objects after they come out of the transfer pipe to save memory
(Nick Craig-Wood)
+ Fix --files-from without --no-traverse doing a recursive scan (Nick
Craig-Wood)
- operations
+ Fix accounting for server side copies (Nick Craig-Wood)
+ Display ���All duplicates removed��� only if dedupe successful (Sezal
Agrawal)
+ Display ���Deleted X extra copies��� only if dedupe successful (Sezal
Agrawal)
- accounting
+ Only allow up to 100 completed transfers in the accounting list to
save memory (Nick Craig-Wood)
+ Cull the old time ranges when possible to save memory (Nick Craig-Wood)
+ Fix panic due to server-side copy fallback (Ivan Andreev)
+ Fix memory leak noticeable for transfers of large numbers of objects
(Nick Craig-Wood)
+ Fix total duration calculation (Nick Craig-Wood)
- cmd
+ Fix environment variables not setting command line flags (Nick
Craig-Wood)
+ Make autocomplete compatible with bash���s posix mode for macOS (Danil
Semelenov)
+ Make --progress work in git bash on Windows (Nick Craig-Wood)
+ Fix ���compopt: command not found��� on autocomplete on macOS (Danil
Semelenov)
- config
+ Fix setting of non top level flags from environment variables (Nick
Craig-Wood)
+ Check config names more carefully and report errors (Nick Craig-Wood)
+ Remove error: can���t use --size-only and --ignore-size together.
(Nick Craig-Wood)
+ filter: Prevent mixing options when --files-from is in use (Michele
Caci)
+ serve sftp: Fix crash on unsupported operations (eg Readlink) (Nick
Craig-Wood)
* Mount
- Allow files of unkown size to be read properly (Nick Craig-Wood)
- Skip tests on <= 2 CPUs to avoid lockup (Nick Craig-Wood)
- Fix panic on File.Open (Nick Craig-Wood)
- Fix ���mount_fusefs: -o timeout=: option not supported��� on FreeBSD
(Nick Craig-Wood)
- Don���t pass huge filenames (>4k) to FUSE as it can���t cope (Nick
Craig-Wood)
* VFS
- Add flag --vfs-case-insensitive for windows/macOS mounts (Ivan
Andreev)
- Make objects of unknown size readable through the VFS (Nick
Craig-Wood)
- Move writeback of dirty data out of close() method into its own
method (FlushWrites) and remove close() call from Flush() (Brett
Dutro)
- Stop empty dirs disappearing when renamed on bucket based remotes
(Nick Craig-Wood)
- Stop change notify polling clearing so much of the directory cache
(Nick Craig-Wood)
* Azure Blob
- Disable logging to the Windows event log (Nick Craig-Wood)
* B2
- Remove unverified: prefix on sha1 to improve interop (eg with
CyberDuck) (Nick Craig-Wood)
* Box
- Add options to get access token via JWT auth (David)
* Drive
- Disable HTTP/2 by default to work around INTERNAL_ERROR problems
(Nick Craig-Wood)
- Make sure that drive root ID is always canonical (Nick Craig-Wood)
- Fix --drive-shared-with-me from the root with lsand --fast-list (Nick
Craig-Wood)
- Fix ChangeNotify polling for shared drives (Nick Craig-Wood)
- Fix change notify polling when using appDataFolder (Nick Craig-Wood)
* Dropbox
- Make disallowed filenames errors not retry (Nick Craig-Wood)
- Fix nil pointer exception on restricted files (Nick Craig-Wood)
* Fichier
- Fix accessing files > 2GB on 32 bit systems (Nick Craig-Wood)
* FTP
- Allow disabling EPSV mode (Jon Fautley)
* HTTP
- HEAD directory entries in parallel to speedup (Nick Craig-Wood)
- Add --http-no-head to stop rclone doing HEAD in listings (Nick
Craig-Wood)
* Putio
- Add ability to resume uploads (Cenk Alti)
* S3
- Fix signature v2_auth headers (Anthony Rusdi)
- Fix encoding for control characters (Nick Craig-Wood)
- Only ask for URL encoded directory listings if we need them on Ceph
(Nick Craig-Wood)
- Add option for multipart failiure behaviour (Aleksandar Jankovic)
- Support for multipart copy (���������)
- Fix nil pointer reference if no metadata returned for object (Nick
Craig-Wood)
* SFTP
- Fix --sftp-ask-password trying to contact the ssh agent (Nick
Craig-Wood)
- Fix hashes of files with backslashes (Nick Craig-Wood)
- Include more ciphers with --sftp-use-insecure-cipher (Carlos Ferreyra)
* WebDAV
- Parse and return Sharepoint error response (Henning Surmeier)
- Update to version 1.49.4
* Bug Fixes
- cmd/rcd: Address ZipSlip vulnerability (Richard Patel)
- accounting: Fix file handle leak on errors (Nick Craig-Wood)
- oauthutil: Fix security problem when running with two users on the
same machine (Nick Craig-Wood)
* FTP
- Fix listing of an empty root returning: error dir not found (Nick
Craig-Wood)
* S3
- Fix SetModTime on GLACIER/ARCHIVE objects and implement set/get
tier (Nick Craig-Wood)
- Update to version 1.49.3
* Bug Fixes
- accounting
+ Fix total duration calculation (Aleksandar Jankovic)
+ Fix ���file already closed��� on transfer retries (Nick Craig-Wood)
- Update to version 1.49.2
* New Features
- build: Add Docker workflow support (Alfonso Montero)
* Bug Fixes
- accounting: Fix locking in Transfer to avoid deadlock with
--progress (Nick Craig-Wood)
- docs: Fix template argument for mktemp in install.sh (Cnly)
- operations: Fix -u/--update with google photos / files of unknown
size (Nick Craig-Wood)
- rc: Fix docs for config/create /update /password (Nick Craig-Wood)
* Google Cloud Storage
- Fix need for elevated permissions on SetModTime (Nick Craig-Wood)
- Update to version 1.49.1
* Bug Fixes
- config: Fix generated passwords being stored as empty password (Nick
Craig-Wood)
- rcd: Added missing parameter for web-gui info logs. (Chaitanya)
* Googlephotos
- Fix crash on error response (Nick Craig-Wood)
* Onedrive
- Fix crash on error response (Nick Craig-Wood)
- Update to version 1.49.0
* New backends
- 1fichier (Laura Hausmann)
- Google Photos (Nick Craig-Wood)
- Putio (Cenk Alti)
- premiumize.me (Nick Craig-Wood)
* New Features
- Experimental web GUI (Chaitanya Bankanhal)
- Implement --compare-dest & --copy-dest (yparitcher)
- Implement --suffix without --backup-dir for backup to current dir
(yparitcher)
- config reconnect to re-login (re-run the oauth login) for the
backend. (Nick Craig-Wood)
- config userinfo to discover which user you are logged in as. (Nick
Craig-Wood)
- config disconnect to disconnect you (log out) from the backend.
(Nick Craig-Wood)
- Add --use-json-log for JSON logging (justinalin)
- Add context propagation to rclone (Aleksandar Jankovic)
- Reworking internal statistics interfaces so they work with rc jobs
(Aleksandar Jankovic)
- Add Higher units for ETA (AbelThar)
- Update rclone logos to new design (Andreas Chlupka)
- hash: Add CRC-32 support (Cenk Alti)
- help showbackend: Fixed advanced option category when there are no
standard options (buengese)
- ncdu: Display/Copy to Clipboard Current Path (Gary Kim)
- operations:
+ Run hashing operations in parallel (Nick Craig-Wood)
+ Don���t calculate checksums when using --ignore-checksum (Nick
Craig-Wood)
+ Check transfer hashes when using --size-only mode (Nick Craig-Wood)
+ Disable multi thread copy for local to local copies (Nick
Craig-Wood)
+ Debug successful hashes as well as failures (Nick Craig-Wood)
- rc
+ Add ability to stop async jobs (Aleksandar Jankovic)
+ Return current settings if core/bwlimit called without parameters
(Nick Craig-Wood)
+ Rclone-WebUI integration with rclone (Chaitanya Bankanhal)
+ Added command line parameter to control the cross origin resource
sharing (CORS) in the rcd. (Security Improvement) (Chaitanya Bankanhal)
+ Add anchor tags to the docs so links are consistent (Nick
Craig-Wood)
+ Remove _async key from input parameters after parsing so later
operations won���t get confused (buengese)
+ Add call to clear stats (Aleksandar Jankovic)
- rcd
+ Auto-login for web-gui (Chaitanya Bankanhal)
+ Implement --baseurl for rcd and web-gui (Chaitanya Bankanhal)
- serve dlna
+ Only select interfaces which can multicast for SSDP (Nick
Craig-Wood)
+ Add more builtin mime types to cover standard audio/video (Nick
Craig-Wood)
+ Fix missing mime types on Android causing missing videos (Nick
Craig-Wood)
- serve ftp
+ Refactor to bring into line with other serve commands (Nick
Craig-Wood)
+ Implement --auth-proxy (Nick Craig-Wood)
- serve http: Implement --baseurl (Nick Craig-Wood)
- serve restic: Implement --baseurl (Nick Craig-Wood)
- serve sftp
+ Implement auth proxy (Nick Craig-Wood)
+ Fix detection of whether server is authorized (Nick Craig-Wood)
- serve webdav
+ Implement --baseurl (Nick Craig-Wood)
+ Support --auth-proxy (Nick Craig-Wood)
* Bug Fixes
- Make ���bad record MAC��� a retriable error (Nick Craig-Wood)
- copyurl: Fix copying files that return HTTP errors (Nick Craig-Wood)
- march: Fix checking sub-directories when using --no-traverse
(buengese)
- rc
+ Fix unmarshalable http.AuthFn in options and put in test for
marshalability (Nick Craig-Wood)
+ Move job expire flags to rc to fix initalization problem (Nick
Craig-Wood)
+ Fix --loopback with rc/list and others (Nick Craig-Wood)
- rcat: Fix slowdown on systems with multiple hashes (Nick Craig-Wood)
- rcd: Fix permissions problems on cache directory with web gui
download (Nick Craig-Wood)
* Mount
- Default --deamon-timout to 15 minutes on macOS and FreeBSD (Nick
Craig-Wood)
- Update docs to show mounting from root OK for bucket based (Nick
Craig-Wood)
- Remove nonseekable flag from write files (Nick Craig-Wood)
* VFS
- Make write without cache more efficient (Nick Craig-Wood)
- Fix --vfs-cache-mode minimal and writes ignoring cached files (Nick
Craig-Wood)
* Local
- Add --local-case-sensitive and --local-case-insensitive (Nick
Craig-Wood)
- Avoid polluting page cache when uploading local files to remote
backends (Micha�� Matczuk)
- Don���t calculate any hashes by default (Nick Craig-Wood)
- Fadvise run syscall on a dedicated go routine (Micha�� Matczuk)
* Azure Blob
- Azure Storage Emulator support (Sandeep)
- Updated config help details to remove connection string references
(Sandeep)
- Make all operations work from the root (Nick Craig-Wood)
* B2
- Implement link sharing (yparitcher)
- Enable server side copy to copy between buckets (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
* Drive
- Fix server side copy of big files (Nick Craig-Wood)
- Update API for teamdrive use (Nick Craig-Wood)
- Add error for purge with --drive-trashed-only (ginvine)
* Fichier
- Make FolderID int and adjust related code (buengese)
* Google Cloud Storage
- Reduce oauth scope requested as suggested by Google (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
* HTTP
- Add --http-headers flag for setting arbitrary headers (Nick
Craig-Wood)
* Jottacloud
- Use new api for retrieving internal username (buengese)
- Refactor configuration and minor cleanup (buengese)
* Koofr
- Support setting modification times on Koofr backend. (jaKa)
* Opendrive
- Refactor to use existing lib/rest facilities for uploads (Nick
Craig-Wood)
* Qingstor
- Upgrade to v3 SDK and fix listing loop (Nick Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
* S3
- Add INTELLIGENT_TIERING storage class (Matti Niemenmaa)
- Make all operations work from the root (Nick Craig-Wood)
* SFTP
- Add missing interface check and fix About (Nick Craig-Wood)
- Completely ignore all modtime checks if SetModTime=false (Jon
Fautley)
- Support md5/sha1 with rsync.net (Nick Craig-Wood)
- Save the md5/sha1 command in use to the config file for efficiency
(Nick Craig-Wood)
- Opt-in support for diffie-hellman-group-exchange-sha256
diffie-hellman-group-exchange-sha1 (Yi FU)
* Swift
- Use FixRangeOption to fix 0 length files via the VFS (Nick
Craig-Wood)
- Fix upload when using no_chunk to return the correct size (Nick
Craig-Wood)
- Make all operations work from the root (Nick Craig-Wood)
- Fix segments leak during failed large file uploads.
(nguyenhuuluan434)
* WebDAV
- Add --webdav-bearer-token-command (Nick Craig-Wood)
- Refresh token when it expires with --webdav-bearer-token-command
(Nick Craig-Wood)
- Add docs for using bearer_token_command with oidc-agent (Paul Millar)
- Fix executable permission
- Update to version 1.48.0
* New commands
- serve sftp: Serve an rclone remote over SFTP (Nick Craig-Wood)
* New Features
- Multi threaded downloads to local storage (Nick Craig-Wood)
controlled with --multi-thread-cutoff and --multi-thread-streams
- Use rclone.conf from rclone executable directory to enable portable
use (albertony)
- Allow sync of a file and a directory with the same name (forgems)
this is common on bucket based remotes, eg s3, gcs
- Add --ignore-case-sync for forced case insensitivity (garry415)
- Implement --stats-one-line-date and --stats-one-line-date-format
(Peter Berbec)
- Log an ERROR for all commands which exit with non-zero status (Nick
Craig-Wood)
- Use go-homedir to read the home directory more reliably (Nick
Craig-Wood)
- Enable creating encrypted config through external script invocation
(Wojciech Smigielski)
- build: Drop support for go1.8 (Nick Craig-Wood)
- config: Make config create/update encrypt passwords where necessary
(Nick Craig-Wood)
- copyurl: Honor --no-check-certificate (Stefan Breunig)
- install: Linux skip man pages if no mandb (didil)
- lsf: Support showing the Tier of the object (Nick Craig-Wood)
- lsjson
+ Added EncryptedPath to output (calisro)
+ Support showing the Tier of the object (Nick Craig-Wood)
+ Add IsBucket field for bucket based remote listing of the root
(Nick Craig-Wood)
- rc
+ Add --loopback flag to run commands directly without a server
(Nick Craig-Wood)
+ Add operations/fsinfo: Return information about the remote (Nick
Craig-Wood)
+ Skip auth for OPTIONS request (Nick Craig-Wood)
+ cmd/providers: Add DefaultStr, ValueStr and Type fields (Nick
Craig-Wood)
+ jobs: Make job expiry timeouts configurable (Aleksandar Jankovic)
- serve dlna reworked and improved (Dan Walters)
- serve ftp: add --ftp-public-ip flag to specify public IP (calistri)
- serve restic: Add support for --private-repos in serve restic
(Florian Apolloner)
- serve webdav: Combine serve webdav and serve http (Gary Kim)
- size: Ignore negative sizes when calculating total (Garry McNulty)
* Bug Fixes
- Make move and copy individual files obey --backup-dir (Nick
Craig-Wood)
- If --ignore-checksum is in effect, don���t calculate checksum (Nick
Craig-Wood)
- moveto: Fix case-insensitive same remote move (Gary Kim)
- rc: Fix serving bucket based objects with --rc-serve (Nick
Craig-Wood)
- serve webdav: Fix serveDir not being updated with changes from
webdav (Gary Kim)
* Mount
- Fix poll interval documentation (Animosity022)
* VFS
- Make WriteAt for non cached files work with non-sequential writes
(Nick Craig-Wood)
* Local
- Only calculate the required hashes for big speedup (Nick Craig-Wood)
- Log errors when listing instead of returning an error (Nick
Craig-Wood)
- Fix preallocate warning on Linux with ZFS (Nick Craig-Wood)
* Crypt
- Make rclone dedupe work through crypt (Nick Craig-Wood)
- Fix wrapping of ChangeNotify to decrypt directories properly (Nick
Craig-Wood)
- Support PublicLink (rclone link) of underlying backend (Nick
Craig-Wood)
- Implement Optional methods SetTier, GetTier (Nick Craig-Wood)
* B2
- Implement server side copy (Nick Craig-Wood)
- Implement SetModTime (Nick Craig-Wood)
* Drive
- Fix move and copy from TeamDrive to GDrive (Fionera)
- Add notes that cleanup works in the background on drive (Nick
Craig-Wood)
- Add --drive-server-side-across-configs to default back to old server
side copy semantics by default (Nick Craig-Wood)
- Add --drive-size-as-quota to show storage quota usage for file size
(Garry McNulty)
* FTP
- Add FTP List timeout (Jeff Quinn)
- Add FTP over TLS support (Gary Kim)
- Add --ftp-no-check-certificate option for FTPS (Gary Kim)
* Google Cloud Storage
- Fix upload errors when uploading pre 1970 files (Nick Craig-Wood)
* Jottacloud
- Add support for selecting device and mountpoint. (buengese)
* Mega
- Add cleanup support (Gary Kim)
* Onedrive
- More accurately check if root is found (Cnly)
* S3
- Suppport S3 Accelerated endpoints with --s3-use-accelerate-endpoint
(Nick Craig-Wood)
- Add config info for Wasabi���s EU Central endpoint (Robert Marko)
- Make SetModTime work for GLACIER while syncing (Philip Harvey)
* SFTP
- Add About support (Gary Kim)
- Fix about parsing of df results so it can cope with -ve results
(Nick Craig-Wood)
- Send custom client version and debug server version (Nick Craig-Wood)
* WebDAV
- Retry on 423 Locked errors (Nick Craig-Wood)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2035=1
Package List:
- openSUSE Leap 15.1 (x86_64):
rclone-1.53.3-lp151.3.6.1
rclone-debuginfo-1.53.3-lp151.3.6.1
- openSUSE Leap 15.1 (noarch):
rclone-bash-completion-1.53.3-lp151.3.6.1
rclone-zsh-completion-1.53.3-lp151.3.6.1
References:
https://www.suse.com/security/cve/CVE-2020-28924.html
https://bugzilla.suse.com/1179005
1
0
[opensuse-updates] openSUSE-SU-2020:2030-1: important: Security update for xen
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for xen
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2030-1
Rating: important
References: #1027519 #1177950 #1178591
Cross-References: CVE-2020-28368
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for xen fixes the following issues:
Security issue fixed:
- CVE-2020-28368: Fixed the Intel RAPL sidechannel attack, aka PLATYPUS
attack, aka XSA-351 (bsc#1178591).
Non-security issues fixed:
- Updated to Xen 4.12.4 bug fix release (bsc#1027519).
- Fixed a panic during MSI cleanup on AMD hardware (bsc#1027519).
- Adjusted help for --max_iters, default is 5 (bsc#1177950).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2030=1
Package List:
- openSUSE Leap 15.1 (i586 x86_64):
xen-debugsource-4.12.4_02-lp151.2.30.1
xen-devel-4.12.4_02-lp151.2.30.1
xen-libs-4.12.4_02-lp151.2.30.1
xen-libs-debuginfo-4.12.4_02-lp151.2.30.1
xen-tools-domU-4.12.4_02-lp151.2.30.1
xen-tools-domU-debuginfo-4.12.4_02-lp151.2.30.1
- openSUSE Leap 15.1 (x86_64):
xen-4.12.4_02-lp151.2.30.1
xen-doc-html-4.12.4_02-lp151.2.30.1
xen-libs-32bit-4.12.4_02-lp151.2.30.1
xen-libs-32bit-debuginfo-4.12.4_02-lp151.2.30.1
xen-tools-4.12.4_02-lp151.2.30.1
xen-tools-debuginfo-4.12.4_02-lp151.2.30.1
References:
https://www.suse.com/security/cve/CVE-2020-28368.html
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1177950
https://bugzilla.suse.com/1178591
1
0
[opensuse-updates] openSUSE-SU-2020:2031-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2031-1
Rating: important
References: #1178824
Cross-References: CVE-2020-15999 CVE-2020-16012 CVE-2020-26951
CVE-2020-26953 CVE-2020-26956 CVE-2020-26958
CVE-2020-26959 CVE-2020-26960 CVE-2020-26961
CVE-2020-26965 CVE-2020-26966 CVE-2020-26968
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes 12 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.5.0 ESR (bsc#1178824)
* CVE-2020-26951: Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
* CVE-2020-16012: Variable time processing of cross-origin images during
drawImage calls
* CVE-2020-26953: Fullscreen could be enabled without displaying the
security UI
* CVE-2020-26956: XSS through paste (manual and clipboard API)
* CVE-2020-26958: Requests intercepted through ServiceWorkers lacked
MIME type restrictions
* CVE-2020-26959: Use-after-free in WebRequestService
* CVE-2020-26960: Potential use-after-free in uses of nsTArray
* CVE-2020-15999: Heap buffer overflow in freetype
* CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
* CVE-2020-26965: Software keyboards may have remembered typed passwords
* CVE-2020-26966: Single-word search queries were also broadcast to
local network
* CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR
78.5
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2031=1
Package List:
- openSUSE Leap 15.1 (x86_64):
MozillaFirefox-78.5.0-lp151.2.79.1
MozillaFirefox-branding-upstream-78.5.0-lp151.2.79.1
MozillaFirefox-buildsymbols-78.5.0-lp151.2.79.1
MozillaFirefox-debuginfo-78.5.0-lp151.2.79.1
MozillaFirefox-debugsource-78.5.0-lp151.2.79.1
MozillaFirefox-devel-78.5.0-lp151.2.79.1
MozillaFirefox-translations-common-78.5.0-lp151.2.79.1
MozillaFirefox-translations-other-78.5.0-lp151.2.79.1
References:
https://www.suse.com/security/cve/CVE-2020-15999.html
https://www.suse.com/security/cve/CVE-2020-16012.html
https://www.suse.com/security/cve/CVE-2020-26951.html
https://www.suse.com/security/cve/CVE-2020-26953.html
https://www.suse.com/security/cve/CVE-2020-26956.html
https://www.suse.com/security/cve/CVE-2020-26958.html
https://www.suse.com/security/cve/CVE-2020-26959.html
https://www.suse.com/security/cve/CVE-2020-26960.html
https://www.suse.com/security/cve/CVE-2020-26961.html
https://www.suse.com/security/cve/CVE-2020-26965.html
https://www.suse.com/security/cve/CVE-2020-26966.html
https://www.suse.com/security/cve/CVE-2020-26968.html
https://bugzilla.suse.com/1178824
1
0
[opensuse-updates] openSUSE-SU-2020:2032-1: important: Security update for chromium
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2032-1
Rating: important
References: #1178923
Cross-References: CVE-2019-8075 CVE-2020-16012 CVE-2020-16014
CVE-2020-16015 CVE-2020-16018 CVE-2020-16019
CVE-2020-16020 CVE-2020-16021 CVE-2020-16022
CVE-2020-16023 CVE-2020-16024 CVE-2020-16025
CVE-2020-16026 CVE-2020-16027 CVE-2020-16028
CVE-2020-16029 CVE-2020-16030 CVE-2020-16031
CVE-2020-16032 CVE-2020-16033 CVE-2020-16034
CVE-2020-16035 CVE-2020-16036
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes 23 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
- Update to 87.0.4280.66 (boo#1178923)
- Wayland support by default
- CVE-2020-16018: Use after free in payments.
- CVE-2020-16019: Inappropriate implementation in filesystem.
- CVE-2020-16020: Inappropriate implementation in cryptohome.
- CVE-2020-16021: Race in ImageBurner.
- CVE-2020-16022: Insufficient policy enforcement in networking.
- CVE-2020-16015: Insufficient data validation in WASM. R
- CVE-2020-16014: Use after free in PPAPI.
- CVE-2020-16023: Use after free in WebCodecs.
- CVE-2020-16024: Heap buffer overflow in UI.
- CVE-2020-16025: Heap buffer overflow in clipboard.
- CVE-2020-16026: Use after free in WebRTC.
- CVE-2020-16027: Insufficient policy enforcement in developer tools. R
- CVE-2020-16028: Heap buffer overflow in WebRTC.
- CVE-2020-16029: Inappropriate implementation in PDFium.
- CVE-2020-16030: Insufficient data validation in Blink.
- CVE-2019-8075: Insufficient data validation in Flash.
- CVE-2020-16031: Incorrect security UI in tab preview.
- CVE-2020-16032: Incorrect security UI in sharing.
- CVE-2020-16033: Incorrect security UI in WebUSB.
- CVE-2020-16034: Inappropriate implementation in WebRTC.
- CVE-2020-16035: Insufficient data validation in cros-disks.
- CVE-2020-16012: Side-channel information leakage in graphics.
- CVE-2020-16036: Inappropriate implementation in cookies.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2032=1
Package List:
- openSUSE Leap 15.1 (x86_64):
chromedriver-87.0.4280.66-lp151.2.156.1
chromedriver-debuginfo-87.0.4280.66-lp151.2.156.1
chromium-87.0.4280.66-lp151.2.156.1
chromium-debuginfo-87.0.4280.66-lp151.2.156.1
References:
https://www.suse.com/security/cve/CVE-2019-8075.html
https://www.suse.com/security/cve/CVE-2020-16012.html
https://www.suse.com/security/cve/CVE-2020-16014.html
https://www.suse.com/security/cve/CVE-2020-16015.html
https://www.suse.com/security/cve/CVE-2020-16018.html
https://www.suse.com/security/cve/CVE-2020-16019.html
https://www.suse.com/security/cve/CVE-2020-16020.html
https://www.suse.com/security/cve/CVE-2020-16021.html
https://www.suse.com/security/cve/CVE-2020-16022.html
https://www.suse.com/security/cve/CVE-2020-16023.html
https://www.suse.com/security/cve/CVE-2020-16024.html
https://www.suse.com/security/cve/CVE-2020-16025.html
https://www.suse.com/security/cve/CVE-2020-16026.html
https://www.suse.com/security/cve/CVE-2020-16027.html
https://www.suse.com/security/cve/CVE-2020-16028.html
https://www.suse.com/security/cve/CVE-2020-16029.html
https://www.suse.com/security/cve/CVE-2020-16030.html
https://www.suse.com/security/cve/CVE-2020-16031.html
https://www.suse.com/security/cve/CVE-2020-16032.html
https://www.suse.com/security/cve/CVE-2020-16033.html
https://www.suse.com/security/cve/CVE-2020-16034.html
https://www.suse.com/security/cve/CVE-2020-16035.html
https://www.suse.com/security/cve/CVE-2020-16036.html
https://bugzilla.suse.com/1178923
1
0
[opensuse-updates] openSUSE-SU-2020:2033-1: important: Security update for slurm
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for slurm
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2033-1
Rating: important
References: #1178890 #1178891
Cross-References: CVE-2020-27745 CVE-2020-27746
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for slurm fixes the following issues:
- CVE-2020-27745: PMIx - fix potential buffer overflows from use of
unpackmem() (bsc#1178890).
- CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie
when sent as an argument to the xauth command (bsc#1178891).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2033=1
Package List:
- openSUSE Leap 15.1 (x86_64):
libpmi0-18.08.9-lp151.2.14.1
libpmi0-debuginfo-18.08.9-lp151.2.14.1
libslurm33-18.08.9-lp151.2.14.1
libslurm33-debuginfo-18.08.9-lp151.2.14.1
perl-slurm-18.08.9-lp151.2.14.1
perl-slurm-debuginfo-18.08.9-lp151.2.14.1
slurm-18.08.9-lp151.2.14.1
slurm-auth-none-18.08.9-lp151.2.14.1
slurm-auth-none-debuginfo-18.08.9-lp151.2.14.1
slurm-config-18.08.9-lp151.2.14.1
slurm-config-man-18.08.9-lp151.2.14.1
slurm-cray-18.08.9-lp151.2.14.1
slurm-cray-debuginfo-18.08.9-lp151.2.14.1
slurm-debuginfo-18.08.9-lp151.2.14.1
slurm-debugsource-18.08.9-lp151.2.14.1
slurm-devel-18.08.9-lp151.2.14.1
slurm-doc-18.08.9-lp151.2.14.1
slurm-hdf5-18.08.9-lp151.2.14.1
slurm-hdf5-debuginfo-18.08.9-lp151.2.14.1
slurm-lua-18.08.9-lp151.2.14.1
slurm-lua-debuginfo-18.08.9-lp151.2.14.1
slurm-munge-18.08.9-lp151.2.14.1
slurm-munge-debuginfo-18.08.9-lp151.2.14.1
slurm-node-18.08.9-lp151.2.14.1
slurm-node-debuginfo-18.08.9-lp151.2.14.1
slurm-openlava-18.08.9-lp151.2.14.1
slurm-pam_slurm-18.08.9-lp151.2.14.1
slurm-pam_slurm-debuginfo-18.08.9-lp151.2.14.1
slurm-plugins-18.08.9-lp151.2.14.1
slurm-plugins-debuginfo-18.08.9-lp151.2.14.1
slurm-seff-18.08.9-lp151.2.14.1
slurm-sjstat-18.08.9-lp151.2.14.1
slurm-slurmdbd-18.08.9-lp151.2.14.1
slurm-slurmdbd-debuginfo-18.08.9-lp151.2.14.1
slurm-sql-18.08.9-lp151.2.14.1
slurm-sql-debuginfo-18.08.9-lp151.2.14.1
slurm-sview-18.08.9-lp151.2.14.1
slurm-sview-debuginfo-18.08.9-lp151.2.14.1
slurm-torque-18.08.9-lp151.2.14.1
slurm-torque-debuginfo-18.08.9-lp151.2.14.1
slurm-webdoc-18.08.9-lp151.2.14.1
References:
https://www.suse.com/security/cve/CVE-2020-27745.html
https://www.suse.com/security/cve/CVE-2020-27746.html
https://bugzilla.suse.com/1178890
https://bugzilla.suse.com/1178891
1
0
[opensuse-updates] openSUSE-SU-2020:2028-1: important: Security update for postgresql10
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for postgresql10
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2028-1
Rating: important
References: #1178666 #1178667 #1178668
Cross-References: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for postgresql10 fixes the following issues:
- Upgrade to version 10.15:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and
firing of deferred triggers within index expressions and materialized
view queries.
* CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string
parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters, ensure
that all non-overridden parameters from a previous connection string
are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* Fix recently-added timetz test case so it works when the USA is not
observing daylight savings time.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/10/release-10-15.html
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2028=1
Package List:
- openSUSE Leap 15.1 (i586 x86_64):
postgresql10-10.15-lp151.2.21.1
postgresql10-contrib-10.15-lp151.2.21.1
postgresql10-contrib-debuginfo-10.15-lp151.2.21.1
postgresql10-debuginfo-10.15-lp151.2.21.1
postgresql10-debugsource-10.15-lp151.2.21.1
postgresql10-devel-10.15-lp151.2.21.1
postgresql10-devel-debuginfo-10.15-lp151.2.21.1
postgresql10-plperl-10.15-lp151.2.21.1
postgresql10-plperl-debuginfo-10.15-lp151.2.21.1
postgresql10-plpython-10.15-lp151.2.21.1
postgresql10-plpython-debuginfo-10.15-lp151.2.21.1
postgresql10-pltcl-10.15-lp151.2.21.1
postgresql10-pltcl-debuginfo-10.15-lp151.2.21.1
postgresql10-server-10.15-lp151.2.21.1
postgresql10-server-debuginfo-10.15-lp151.2.21.1
postgresql10-test-10.15-lp151.2.21.1
- openSUSE Leap 15.1 (noarch):
postgresql10-docs-10.15-lp151.2.21.1
References:
https://www.suse.com/security/cve/CVE-2020-25694.html
https://www.suse.com/security/cve/CVE-2020-25695.html
https://www.suse.com/security/cve/CVE-2020-25696.html
https://bugzilla.suse.com/1178666
https://bugzilla.suse.com/1178667
https://bugzilla.suse.com/1178668
1
0
[opensuse-updates] openSUSE-RU-2020:2027-1: Recommended update for dehydrated
by maintenance@opensuse.org 26 Nov '20
by maintenance@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Recommended Update: Recommended update for dehydrated
______________________________________________________________________________
Announcement ID: openSUSE-RU-2020:2027-1
Rating: low
References: #1178927
Affected Products:
SUSE Package Hub for SUSE Linux Enterprise 12
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for dehydrated fixes the following issues:
- dehydrated-apache2: Check for mod_compat (boo#1178927)
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Package Hub for SUSE Linux Enterprise 12:
zypper in -t patch openSUSE-2020-2027=1
Package List:
- SUSE Package Hub for SUSE Linux Enterprise 12 (noarch):
dehydrated-0.6.5-8.1
dehydrated-apache2-0.6.5-8.1
References:
https://bugzilla.suse.com/1178927
1
0
[opensuse-updates] openSUSE-SU-2020:2029-1: important: Security update for postgresql12
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for postgresql12
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2029-1
Rating: important
References: #1178666 #1178667 #1178668
Cross-References: CVE-2020-25694 CVE-2020-25695 CVE-2020-25696
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for postgresql12 fixes the following issues:
- Upgrade to version 12.5:
* CVE-2020-25695, bsc#1178666: Block DECLARE CURSOR ... WITH HOLD and
firing of deferred triggers within index expressions and materialized
view queries.
* CVE-2020-25694, bsc#1178667: a) Fix usage of complex connection-string
parameters in pg_dump, pg_restore, clusterdb, reindexdb, and vacuumdb.
b) When psql's \connect command re-uses connection parameters, ensure
that all non-overridden parameters from a previous connection string
are re-used.
* CVE-2020-25696, bsc#1178668: Prevent psql's \gset command from
modifying specially-treated variables.
* Fix recently-added timetz test case so it works when the USA is not
observing daylight savings time.
* https://www.postgresql.org/about/news/2111/
* https://www.postgresql.org/docs/12/release-12-5.html
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2029=1
Package List:
- openSUSE Leap 15.1 (x86_64):
libecpg6-12.5-lp151.10.1
libecpg6-debuginfo-12.5-lp151.10.1
libpq5-12.5-lp151.10.1
libpq5-debuginfo-12.5-lp151.10.1
postgresql12-12.5-lp151.10.1
postgresql12-contrib-12.5-lp151.10.1
postgresql12-contrib-debuginfo-12.5-lp151.10.1
postgresql12-debuginfo-12.5-lp151.10.1
postgresql12-debugsource-12.5-lp151.10.1
postgresql12-devel-12.5-lp151.10.1
postgresql12-devel-debuginfo-12.5-lp151.10.1
postgresql12-llvmjit-12.5-lp151.10.1
postgresql12-llvmjit-debuginfo-12.5-lp151.10.1
postgresql12-plperl-12.5-lp151.10.1
postgresql12-plperl-debuginfo-12.5-lp151.10.1
postgresql12-plpython-12.5-lp151.10.1
postgresql12-plpython-debuginfo-12.5-lp151.10.1
postgresql12-pltcl-12.5-lp151.10.1
postgresql12-pltcl-debuginfo-12.5-lp151.10.1
postgresql12-server-12.5-lp151.10.1
postgresql12-server-debuginfo-12.5-lp151.10.1
postgresql12-server-devel-12.5-lp151.10.1
postgresql12-server-devel-debuginfo-12.5-lp151.10.1
postgresql12-test-12.5-lp151.10.1
- openSUSE Leap 15.1 (noarch):
postgresql12-docs-12.5-lp151.10.1
References:
https://www.suse.com/security/cve/CVE-2020-25694.html
https://www.suse.com/security/cve/CVE-2020-25695.html
https://www.suse.com/security/cve/CVE-2020-25696.html
https://bugzilla.suse.com/1178666
https://bugzilla.suse.com/1178667
https://bugzilla.suse.com/1178668
1
0
[opensuse-updates] openSUSE-SU-2020:2034-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 26 Nov '20
by opensuse-security@opensuse.org 26 Nov '20
26 Nov '20
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2020:2034-1
Rating: important
References: #1050549 #1067665 #1170630 #1172873 #1175306
#1175721 #1176855 #1176983 #1177397 #1177703
#1177819 #1177820 #1178182 #1178393 #1178589
#1178686 #1178765 #1178782 #1178838 #1178853
#1178854 #1178878 #1178886 #927455
Cross-References: CVE-2020-25669 CVE-2020-25704 CVE-2020-25705
CVE-2020-28915
Affected Products:
openSUSE Leap 15.1
______________________________________________________________________________
An update that solves four vulnerabilities and has 20 fixes
is now available.
Description:
The openSUSE Leap 15.1 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
- CVE-2020-28915: A buffer over-read (at the framebuffer layer) in the
fbcon code could be used by local attackers to read kernel memory, aka
CID-6735b4632def (bnc#1178886).
- CVE-2020-25669: A use-after-free in teardown paths of sunkbd was fixed
(bsc#1178182).
- CVE-2020-25705: A flaw in the way reply ICMP packets are limited in the
Linux kernel functionality was found that allowed to quickly scan open
UDP ports. This flaw allowed an off-path remote user to effectively
bypassing source port UDP randomization. The highest threat from this
vulnerability is to confidentiality and possibly integrity, because
software that relies on UDP source port randomization are indirectly
affected as well. Kernel versions may be vulnerable to this issue
(bnc#1175721 bnc#1178782).
- CVE-2020-25704: A a memory leak in perf_event_parse_addr_filter() was
foxed (bsc#1178393, CVE-2020-25704).
The following non-security bugs were fixed:
- ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
- bpf: Zero-fill re-used per-cpu map element (git-fixes).
- can: af_can: prevent potential access of uninitialized member in
canfd_rcv() (git-fixes).
- can: af_can: prevent potential access of uninitialized member in
can_rcv() (git-fixes).
- can: dev: can_restart(): post buffer from the right context (git-fixes).
- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
- can: m_can: m_can_stop(): set device to software init mode before
closing (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to
can_put_echo_skb() (git-fixes).
- can: peak_usb: fix potential integer overflow on shift of a int
(git-fixes).
- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
- drbd: code cleanup by using sendpage_ok() to check page for
kernel_sendpage() (bsc#1172873).
- drm/i915: Break up error capture compression loops with cond_resched()
(git-fixes).
- drm/vc4: drv: Add error handding for bind (git-fixes).
- Drop sysctl files for dropped archs, add ppc64le and arm64
(bsc#1178838). Also fix the ppc64 page size.
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads
(bsc#1050549).
- ftrace: Fix recursion check for NMI test (git-fixes).
- ftrace: Handle tracing when switching between context (git-fixes).
- futex: Do not enable IRQs unconditionally in put_pi_state()
(bsc#1067665).
- futex: Handle transient "ownerless" rtmutex state correctly
(bsc#1067665).
- hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
- hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819,
bsc#1177820).
- hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819,
bsc#1177820).
- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853,
bsc#1178854).
- hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
- hyperv_fb: Update screen_info after removing old framebuffer
(bsc#1175306).
- inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill()
(git-fixes).
- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
- kthread_worker: prevent queuing delayed work from timer_fn when it is
being canceled (git-fixes).
- libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
- locking/lockdep: Add debug_locks check in __lock_downgrade()
(bsc#1050549).
- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count
(bsc#1050549).
- locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
- mac80211: minstrel: fix tx status processing corner case (git-fixes).
- mac80211: minstrel: remove deferred sampling code (git-fixes).
- memcg: fix NULL pointer dereference in
__mem_cgroup_usage_unregister_event (bsc#1177703).
- mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs
(git-fixes).
- mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
- net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send
(bsc#1172873).
- net: ena: Capitalize all log strings and improve code readability
(bsc#1177397).
- net: ena: Change license into format to SPDX in all files (bsc#1177397).
- net: ena: Change log message to netif/dev function (bsc#1177397).
- net: ena: Change RSS related macros and variables names (bsc#1177397).
- net: ena: ethtool: Add new device statistics (bsc#1177397).
- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
- net: ena: ethtool: convert stat_offset to 64 bit resolution
(bsc#1177397).
- net: ena: Fix all static chekers' warnings (bsc#1177397).
- net: ena: Remove redundant print of placement policy (bsc#1177397).
- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
- netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
- net: introduce helper sendpage_ok() in include/linux/net.h
(bsc#1172873). kABI workaround for including mm.h in include/linux/net.h
(bsc#1172873).
- net/mlx4_core: Fix init_hca fields offset (git-fixes).
- net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
- NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION
(bsc#1170630).
- nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage()
(bsc#1172873).
- pinctrl: intel: Set default bias in case no particular value given
(git-fixes).
- powerpc/pseries/cpuidle: add polling idle for shared processor guests
(bsc#1178765 ltc#188968).
- powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
- powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
- regulator: avoid resolve_supply() infinite recursion (git-fixes).
- regulator: fix memory leak with repeated set_machine_constraints()
(git-fixes).
- regulator: ti-abb: Fix array out of bound read access on the first
transition (git-fixes).
- regulator: workaround self-referent regulators (git-fixes).
- Revert "cdc-acm: hardening against malicious devices" (git-fixes).
- ring-buffer: Fix recursion protection transitions between interrupt
context (git-fixes).
- scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map()
(bsc#1172873).
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
(git-fixes).
- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
(git-fixes).
- time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes).
- USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
- usb: core: driver: fix stray tabs in error messages (git-fixes).
- usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe()
(git-fixes).
- USB: serial: cyberjack: fix write-URB completion race (git-fixes).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters
(git-fixes).
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
(git-fixes).
- USB: serial: option: add Quectel EC200T module support (git-fixes).
- USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host
(bsc#1175306).
- video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer
driver (bsc#1175306).
- video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs
(bsc#1175306).
- vt: Disable KD_FONT_OP_COPY (bsc#1178589).
- x86/kexec: Use up-to-dated screen_info copy to fill boot params
(bsc#1175306).
- xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
- xfs: fix flags argument to rmap lookup when converting shared file rmaps
(git-fixes).
- xfs: fix rmap key and record comparison functions (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2034=1
Package List:
- openSUSE Leap 15.1 (noarch):
kernel-devel-4.12.14-lp151.28.83.1
kernel-docs-4.12.14-lp151.28.83.1
kernel-docs-html-4.12.14-lp151.28.83.1
kernel-macros-4.12.14-lp151.28.83.1
kernel-source-4.12.14-lp151.28.83.1
kernel-source-vanilla-4.12.14-lp151.28.83.1
- openSUSE Leap 15.1 (x86_64):
kernel-debug-4.12.14-lp151.28.83.1
kernel-debug-base-4.12.14-lp151.28.83.1
kernel-debug-base-debuginfo-4.12.14-lp151.28.83.1
kernel-debug-debuginfo-4.12.14-lp151.28.83.1
kernel-debug-debugsource-4.12.14-lp151.28.83.1
kernel-debug-devel-4.12.14-lp151.28.83.1
kernel-debug-devel-debuginfo-4.12.14-lp151.28.83.1
kernel-default-4.12.14-lp151.28.83.1
kernel-default-base-4.12.14-lp151.28.83.1
kernel-default-base-debuginfo-4.12.14-lp151.28.83.1
kernel-default-debuginfo-4.12.14-lp151.28.83.1
kernel-default-debugsource-4.12.14-lp151.28.83.1
kernel-default-devel-4.12.14-lp151.28.83.1
kernel-default-devel-debuginfo-4.12.14-lp151.28.83.1
kernel-kvmsmall-4.12.14-lp151.28.83.1
kernel-kvmsmall-base-4.12.14-lp151.28.83.1
kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.83.1
kernel-kvmsmall-debuginfo-4.12.14-lp151.28.83.1
kernel-kvmsmall-debugsource-4.12.14-lp151.28.83.1
kernel-kvmsmall-devel-4.12.14-lp151.28.83.1
kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.83.1
kernel-obs-build-4.12.14-lp151.28.83.1
kernel-obs-build-debugsource-4.12.14-lp151.28.83.1
kernel-obs-qa-4.12.14-lp151.28.83.1
kernel-syms-4.12.14-lp151.28.83.1
kernel-vanilla-4.12.14-lp151.28.83.1
kernel-vanilla-base-4.12.14-lp151.28.83.1
kernel-vanilla-base-debuginfo-4.12.14-lp151.28.83.1
kernel-vanilla-debuginfo-4.12.14-lp151.28.83.1
kernel-vanilla-debugsource-4.12.14-lp151.28.83.1
kernel-vanilla-devel-4.12.14-lp151.28.83.1
kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.83.1
References:
https://www.suse.com/security/cve/CVE-2020-25669.html
https://www.suse.com/security/cve/CVE-2020-25704.html
https://www.suse.com/security/cve/CVE-2020-25705.html
https://www.suse.com/security/cve/CVE-2020-28915.html
https://bugzilla.suse.com/1050549
https://bugzilla.suse.com/1067665
https://bugzilla.suse.com/1170630
https://bugzilla.suse.com/1172873
https://bugzilla.suse.com/1175306
https://bugzilla.suse.com/1175721
https://bugzilla.suse.com/1176855
https://bugzilla.suse.com/1176983
https://bugzilla.suse.com/1177397
https://bugzilla.suse.com/1177703
https://bugzilla.suse.com/1177819
https://bugzilla.suse.com/1177820
https://bugzilla.suse.com/1178182
https://bugzilla.suse.com/1178393
https://bugzilla.suse.com/1178589
https://bugzilla.suse.com/1178686
https://bugzilla.suse.com/1178765
https://bugzilla.suse.com/1178782
https://bugzilla.suse.com/1178838
https://bugzilla.suse.com/1178853
https://bugzilla.suse.com/1178854
https://bugzilla.suse.com/1178878
https://bugzilla.suse.com/1178886
https://bugzilla.suse.com/927455
1
0