How to deal with GNU nano Security Issues: CVE-2010-1160 and CVE-2010-1161 ?

Issue

• Does Red Hat have an update to resolve below problems?

Red Hat Enterprise Linux Server 5.9 
GNU nano Two Security Issues    
CVE-2010-1160, CVE-2010-1161        

"nano is a small, free and friendly editor which aims to replace Pico, the default editor included in the non-free Pine package.

The following security issues have been reported in GNU nano: 
- The application does not properly verify if the file currently being edited has been changed outside the context of the current editing session before writing to it, which can be exploited to overwrite arbitrary files via symlink attacks.

- A race condition exists when creating backup files, which can be exploited to take the ownership of arbitrary files via symlink attacks. 
Successful exploitation requires that the victim is tricked into editing files owned by the attacker and that the backup functionality is enabled."
These issues can be exploited by malicious, local users to perform certain actions with escalated privileges.

- "These issues are fixed in nano version 2.2.4 and later.
The update is available from the GNU nano's [Download Web site](http://www.nano-editor.org/download.php).

Patch: Following are links for downloading patches to fix the vulnerabilities:
[nano 2.2.4](http://www.nano-editor.org/download.php)"  

"nano -V|grep ""GNU nano""
GNU nano version 1.3.12 (compiled 12:58:30, Jul 12 2006)"