rclone uses weak random number generation such that generated passwords can be easily cracked.
|Package||net-misc/rclone on all architectures|
|Affected versions||< 1.53.3|
|Unaffected versions||>= 1.53.3|
rclone is a problem to sync files to and from various cloud storage providers.
Passwords generated with rclone were insecurely generated and are vulnerable to brute force attacks.
Data kept secret with a password generated by rclone may be disclosed to a local attacker.
There is no known workaround at this time.
All rclone users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/rclone-1.53.3"
July 08, 2021
July 08, 2021: 1