FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Development

LinkBack Thread Tools
Old 04-18-2010, 05:20 PM
Andreas Radke
Default nano 2.2.4-1 (CVE fixes)

Please signoff this upstream update quickly.


2010.04.15 - GNU nano 2.2.4 is nobody's fool. First and foremost,
this relase includes some security fixes due to
an assessment of nano's vulnerability to symlink attacks
on open files. The CVEs fixed with this release are
CVE-2010-1160 and CVE-2010-1161. Also included are
fixes for various crash modes when using the spell checker
on new files in multibuffer mode (surely you've used
that combination recently? No?) as well as a fixing
the 'file was modified' message when saving to a
new filename (since how would nano know?). And
the list would not be complete without our
third-times-the-charm fixes to page up/down due to
the soft wrapping code. The lone new feature
included is a new syntax higlighting definition for
cmake-related files. Please do consider upgrading to
this release if still using the 2.0 series since
fixes for that version are still forthcoming.
Old 04-20-2010, 04:30 AM
"Allan McRae"
Default nano 2.2.4-1 (CVE fixes)

On 19/04/10 03:20, Andreas Radke wrote:

Please signoff this upstream update quickly.

Signoff both,

Thread Tools

All times are GMT. The time now is 05:34 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org