CLSA-2026-1779122764 nano: Fix of CVE-2024-5742

CVE-2024-5742: emergencysave applied chmod/chown to a path after the descriptor was closed, allowing a symlink swap to redirect the ownership change to an attacker-controlled file - Backport of upstream commit 5e7a3c2e from nano v8.0, adapted to the 5.6.1 codebase writefile signature predates the...

USN-7064-2 nano vulnerability

USN-7064-1 fixed a vulnerability in nano. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions grante...

USN-7064-1 nano vulnerability

It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...

OPENSUSE-SU-2024:0157-1 Security update for nano

This update for nano fixes the following issues: - CVE-2024-5742: Avoid privilege escalations via symlink attacks on emergency save file boo1226099...