UbuntuUpdates.org

Package "nano"

Name: nano

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • small, friendly text editor inspired by Pico - tiny build

Latest version: 6.2-1ubuntu0.1
Release: jammy (22.04)
Level: updates
Repository: universe

Links



Other versions of "nano" in Jammy

Repository Area Version
base main 6.2-1
base universe 6.2-1
security main 6.2-1ubuntu0.1
security universe 6.2-1ubuntu0.1
updates main 6.2-1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 6.2-1ubuntu0.1 2024-10-15 16:08:05 UTC

  nano (6.2-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Emergency file could be replaced by a malicious symlink.
    - debian/patches/CVE-2024-5742.patch: Use fchmod and fchown in write_file()
      in src/files.c instead of using chmod and chown in emergency_save() in
      src/nano.c. Add EMERGENCY write type in kind_of_writing_type enum in
      src/definitions.h. Update fd in write_file() in src/files.c. Based on
      upstream.
    - CVE-2024-5742

 -- Hlib Korzhynskyy <email address hidden> Thu, 10 Oct 2024 11:09:30 -0230

CVE-2024-5742 A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing



About   -   Send Feedback to @ubuntu_updates