Ubuntu Security Notice USN-7064-2

==========================================================================Ubuntu Security Notice USN-7064-2October 29, 2024nano vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 14.04 LTSSummary:nano could be made to give users administrator privileges.Software Description:- nano: small, friendly text editor inspired by PicoDetails:USN-7064-1 fixed a vulnerability in nano. This update provides thecorresponding update for Ubuntu 14.04 LTS.Original advisory details:It was discovered that nano allowed a possible privilege escalationthrough an insecure temporary file. If nano was killed while editing, thepermissions granted to the emergency save file could be used by anattacker to escalate privileges using a malicious symlink.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 14.04 LTSnano 2.2.6-1ubuntu1+esm1Available with Ubuntu ProIn general, a standard system update will make all the necessary changes.References:https://ubuntu.com/security/notices/USN-7064-2https://ubuntu.com/security/notices/USN-7064-1CVE-2024-5742