This bug was fixed in the package rclone - 1.60.1+dfsg-4ubuntu2.1
---------------
rclone (1.60.1+dfsg-4ubuntu2.1) questing-security; urgency=medium
* SECURITY UPDATE: authentication bypass in rcd leading to sensitive
operations and/or remote command execution (LP: #2152913)
- debian/patches/CVE-2026-41176.patch
- debian/patches/CVE-2026-41176-2.patch
- CVE-2026-41176
* SECUIRTY UPDATE: unauthenticated remote command execution in rcd
(LP: #2152914)
- debian/patches/CVE-2026-41179.patch
- CVE-2026-41179
-- Wesley Hershberger <[email protected]> Mon, 18 May
2026 10:53:07 -0500
** Changed in: rclone (Ubuntu Noble)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2152914
Title:
CVE-2026-41179
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rclone/+bug/2152914/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
