[ALSA-2024:6986] Low: nano security update
Type:
security
Severity:
low
Release date:
2024-09-24
Description:
GNU nano is a small and friendly text editor. Security Fix(es): * nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file (CVE-2024-5742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nano-2.9.8-3.el8_10.aarch64.rpm bb15ca03016616b3e18145fb7361a2c4fc2a9021ccef2c52997db1cf550efa10
ppc64le nano-2.9.8-3.el8_10.ppc64le.rpm 8a3882c771d7b09fa7aad2db345b1e29fc269727b0a9419af5aa8f0d639d9bfb
s390x nano-2.9.8-3.el8_10.s390x.rpm c9ead311f8ad1a309371ba62372504ec04ce1ab78440df6745df5727caaf9155
x86_64 nano-2.9.8-3.el8_10.x86_64.rpm 481194750424e4dbe7c14e0a19aabd415e48009872895dfd9229ff7d61c6e746
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.