Nano is now part of Apache CouchDB.
Security Fix(es):
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.(CVE-2024-5742)
{ "severity": "Medium" }
{ "src": [ "nano-8.0-1.oe2003sp4.src.rpm" ], "x86_64": [ "nano-8.0-1.oe2003sp4.x86_64.rpm", "nano-debuginfo-8.0-1.oe2003sp4.x86_64.rpm", "nano-debugsource-8.0-1.oe2003sp4.x86_64.rpm" ], "noarch": [ "nano-help-8.0-1.oe2003sp4.noarch.rpm" ], "aarch64": [ "nano-8.0-1.oe2003sp4.aarch64.rpm", "nano-debuginfo-8.0-1.oe2003sp4.aarch64.rpm", "nano-debugsource-8.0-1.oe2003sp4.aarch64.rpm" ] }
{ "src": [ "nano-8.0-1.oe2203sp1.src.rpm" ], "x86_64": [ "nano-debuginfo-8.0-1.oe2203sp1.x86_64.rpm", "nano-8.0-1.oe2203sp1.x86_64.rpm", "nano-debugsource-8.0-1.oe2203sp1.x86_64.rpm" ], "noarch": [ "nano-help-8.0-1.oe2203sp1.noarch.rpm" ], "aarch64": [ "nano-8.0-1.oe2203sp1.aarch64.rpm", "nano-debuginfo-8.0-1.oe2203sp1.aarch64.rpm", "nano-debugsource-8.0-1.oe2203sp1.aarch64.rpm" ] }
{ "src": [ "nano-8.0-1.oe2203sp3.src.rpm" ], "x86_64": [ "nano-debuginfo-8.0-1.oe2203sp3.x86_64.rpm", "nano-debugsource-8.0-1.oe2203sp3.x86_64.rpm", "nano-8.0-1.oe2203sp3.x86_64.rpm" ], "noarch": [ "nano-help-8.0-1.oe2203sp3.noarch.rpm" ], "aarch64": [ "nano-8.0-1.oe2203sp3.aarch64.rpm", "nano-debugsource-8.0-1.oe2203sp3.aarch64.rpm", "nano-debuginfo-8.0-1.oe2203sp3.aarch64.rpm" ] }
{ "src": [ "nano-8.0-1.oe2403.src.rpm" ], "x86_64": [ "nano-debuginfo-8.0-1.oe2403.x86_64.rpm", "nano-8.0-1.oe2403.x86_64.rpm", "nano-debugsource-8.0-1.oe2403.x86_64.rpm" ], "noarch": [ "nano-help-8.0-1.oe2403.noarch.rpm" ], "aarch64": [ "nano-debuginfo-8.0-1.oe2403.aarch64.rpm", "nano-debugsource-8.0-1.oe2403.aarch64.rpm", "nano-8.0-1.oe2403.aarch64.rpm" ] }