Updated nano packages fix security vulnerability

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

OPENSUSE-SU-2024:13954-1 gnu-recutils-1.9-1.1 on GA media

These are all security issues fixed in the gnu-recutils-1.9-1.1 package on the GA media of openSUSE Tumbleweed...

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

RLSA-2024:3667 Moderate: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...

GNU libcdio 安全漏洞

GNU libcdio is a library developed by the GNU Project for accessing CD-ROMs and CD images, and is mainly used to handle CD-ROM file system reading, directory structure parsing and other functions. A buffer overflow vulnerability exists in GNU libcdio, which can be exploited by an attacker to...

CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPUBIGENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectly byte-swap NOP when compiling for big-endian, and the resulting series of bytes happened to match...

CVE-2024-36699

A flaw was found in GNU Debugger in versions 8.2 through 14.2. This issue contains a buffer overflow via the gdb.selectedinferior.readmemory component at utils.c...

CVE-2024-36699

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2024-36699

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

AZL-42619 CVE-2024-5742 affecting package nano for versions less than 6.0-3

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

DEBIAN-CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

UBUNTU-CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVE-2024-5742 Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVE-2024-5742 Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...

[SECURITY] Fedora 39 Update: libarchive-3.7.1-2.fc39

Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants, several cpio formats, and both BSD and GNU ar variants. It can also write shar archives and read ISO9660 CDROM images and ZIP archives...

CVE-2024-36699

The connected records indicate a vulnerability in GNU Debugger (GDB) affecting versions 8.2 through 14.2, caused by a buffer overflow in gdb.selected_inferior().read_memory within utils.c. Red Hat notes a buffer overflow in this component; SUSE and OSV references reinforce the issue as CVE-2024-3...

Number withdrawn

GNU gdb is a GNU project debugger from the American GNU community. It supports debugging C, C++, Pascal, and FORTRAN programming languages. This CVE number has been withdrawn...