Nano security update: 2.2.4

Bug #564734 reported by Heimen Stoffels on 2010-04-16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nano (Debian)
Fix Released
nano (Ubuntu)

Bug Description

Nano 2.2.4 was released yesterday. This release includes security fixes due to an assessment of nano's vulnerability to symlink attacks.

So it either needs to be updated or Nano 2.2.2 from 10.04 needs to be patched to fix this security issue with Nano.

CVE References

visibility: private → public
affects: ubuntu → nano (Ubuntu)
Jordi Mallach (jordi) wrote :
Download full text (3.5 KiB)

Nano 2.2.4 is available from Debian unstable right now.

All changes from 2.2.2 to 2.2.4 are bugfixes, as it's a stable branch, which no translation changes, etc. ubuntu-security, please advise if you want a new release or a patch.

I'm pasting the changelog entries since upstream 2.2.2.

GNU nano 2.2.4 - 2010.04.15
2010-04-07 Chris Allegretta <email address hidden>
        * doc/man/nano.1,nanorc.5: Remove the backup file warnings now
          that a sufficient security fix exists for the backup file code.

2010-04-14 Chris Allegretta <email address hidden>
        * text.c (do_alt_speller): Skip invoking the alt speller if the file size
          is 0 bytes. Fixes Savannah bug 29393 reported by Mike Frysinger.
        * files.c (wirte_file): Don't set current_stat when tmp == TRUE, check
          whether current_stat is set when trying to use it, and don't do the
          modification check if the filename changed, since we have no way
          of knowing about it in that case. Fixes Savannah bug 29392, reported
          by Mike Frysinger. [CVE-2010-1160]

2010-04-13 Felipe Bugno <email address hidden>
        * doc/syntax/cmake.nanorc: Added cmake syntax highlighting file.

2010-04-09 Chris Allegretta <email address hidden>
        * files.c (do_writeout): Better security fixes for backup file writing,
          mangled from submission by Dan Rosenberg <dan.j.rosenberg at gmail>

2010-04-08 Chris Allegretta <email address hidden>
        * files.c (do_writeout): Previous fixes should not cause a crash
          when saving a new file. Discovered by Mike Frysinger <email address hidden>.

2010-04-07 Chris Allegretta <email address hidden>
        * doc/man/nano.1,nanorc.5: Add warnings about using backup
          mode as root due to the Dan Rosenberg security analysis.

2010-04-02 Chris Allegretta <email address hidden>
        * files.c (do_writeout): Expand modification check to include both the
          original file's device ID and inode number as reasons to warn the
          user that the file has been modified. Also abort on writing a backup
          file when its owner doesn't match the edited file. Based on security
          analysis on nano by Dan Rosenberg. [CVE-2010-1160]

2010-03-21 Chris Allegretta <email address hidden>
        * nano.c (page_stdin et al): Don't attempt to reset/reopen the terminal
          settings when reading stdin if it was aborted with SIGINT. May fix Savannah
          bug 29114 reported by Mike Frysinger.

2010-03-21 Mike Frysinger <email address hidden>
        * doc/syntax/c.nanorc: Add additional support for #include_next and #pragma

2010-03-21 Chris Allegretta <email address hidden>
        * move.c (do_page_up, do_page_down()): Explicitly set current_y to 0 when paging
          up when not in smooth scroll mode, as previous fixes would otherwise cause
          the cursor to not really be moved to the stop of the screen.

2010-03-07 Chris Allegretta <email address hidden>
        *, nano.c (handle_sigwinch): Create check for whether LINES and
          COLS can safely be redefined. Fixes compilation issues with cygwin, and likely
          with newer versions of ncurses, fixes Savannah bug ...


Changed in nano (Debian):
status: Unknown → Fix Released
Changed in nano (Ubuntu):
status: New → Confirmed
importance: Undecided → Low
Artur Rona (ari-tczew) wrote :

nano (2.2.4-1) unstable; urgency=low

  * The "905€" release.
  * New upstream release.
    - fixes minor security issues: symlink attack (CVE-2010-1160)
      and ownership of arbitrary files (CVE-2010-1161). Closes: #577817.

nano (2.2.3-1) unstable; urgency=low

  * The "Polop" release.
  * New upstream release.
  * Drop Build-Depends on groff; it was only needed to rebuild the
    modified manpages.
  * Nearly three years late, alpine-pico is finally playing the
    update-alternatives game and can now coexist with nano. Update
    our conflict accordingly. Thanks, Asheesh!
 -- Ubuntu Archive Auto-Sync <email address hidden> Sun, 09 May 2010 13:58:02 +0100

summary: - [needs-packaging] Nano security update: 2.2.4
+ Nano security update: 2.2.4
tags: added: upgrade
Changed in nano (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.