[ALSA-2024:9430] Low: nano security update
Type:
security
Severity:
low
Release date:
2024-11-18
Description:
GNU nano is a small and friendly text editor. Security Fix(es): * nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file (CVE-2024-5742) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 nano-5.6.1-6.el9.aarch64.rpm b3355a86bf4147653c6f704d209cc675c13b525b34dadd23403c5e6ad80054f4
ppc64le nano-5.6.1-6.el9.ppc64le.rpm 9e0530630eb1ecbbc70d462ec0df30d4744e349ce43b2510c148b8a15fd3379a
s390x nano-5.6.1-6.el9.s390x.rpm 8442445c95d9f643547c9159f5eff84bab21ee1fc5b11d2b3099d0c91e894f09
x86_64 nano-5.6.1-6.el9.x86_64.rpm 30234cc14099a08a96b115233e1826c119c98c46239b627fc9af312bd895c335
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.