Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   ArchLinux Development (http://www.linux-archive.org/archlinux-development/)
-   -   nano 2.2.4-1 (CVE fixes) (http://www.linux-archive.org/archlinux-development/358580-nano-2-2-4-1-cve-fixes.html)

Andreas Radke 04-18-2010 05:20 PM

nano 2.2.4-1 (CVE fixes)
 
Please signoff this upstream update quickly.

-Andy

2010.04.15 - GNU nano 2.2.4 is nobody's fool. First and foremost,
this relase includes some security fixes due to
an assessment of nano's vulnerability to symlink attacks
on open files. The CVEs fixed with this release are
CVE-2010-1160 and CVE-2010-1161. Also included are
fixes for various crash modes when using the spell checker
on new files in multibuffer mode (surely you've used
that combination recently? No?) as well as a fixing
the 'file was modified' message when saving to a
new filename (since how would nano know?). And
the list would not be complete without our
third-times-the-charm fixes to page up/down due to
the soft wrapping code. The lone new feature
included is a new syntax higlighting definition for
cmake-related files. Please do consider upgrading to
this release if still using the 2.0 series since
fixes for that version are still forthcoming.

"Allan McRae" 04-20-2010 04:30 AM

nano 2.2.4-1 (CVE fixes)
 
On 19/04/10 03:20, Andreas Radke wrote:

Please signoff this upstream update quickly.



Signoff both,
Allan


All times are GMT. The time now is 10:29 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.