Package: nano Tags: security | Two issues were recently addressed upstream for GNU nano to provide | better security when editing files owned by other untrusted users, | especially when editing as root. I'm not sure if either of these | issues require CVE identifiers due to the narrow circumstances in | which they can be exploited, but I figured I'd leave that up to you. | | Changelog is at | http://svn.savannah.gnu.org/viewvc/trunk/nano/ChangeLog?root=nano&view=log, | relevant entries at revisions 4490, 4491, 4493, and 4496.
<http://www.openwall.com/lists/oss-security/2010/04/14/4>, see the followup <http://www.openwall.com/lists/oss-security/2010/04/14/6> for CVE IDs. This should be fixed for lenny through stable-proposed-updates because those issues seem to be minor. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
