[ALSA-2024:4256] Important: less security update
Type:
security
Severity:
important
Release date:
2024-07-03
Description:
The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. Security Fix(es): * less: OS command injection (CVE-2024-32487) * less: missing quoting of shell metacharacters in LESSCLOSE handling (CVE-2022-48624) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 less-530-3.el8_10.aarch64.rpm ad520836d12b2f6442c49833c6ffda855431e5452c8133f9cff5dea2554e5a87
ppc64le less-530-3.el8_10.ppc64le.rpm 3e88e318060d0d211570902d6fafc23e0b918756cca6bd75fdf9c7ae7dea2d4e
s390x less-530-3.el8_10.s390x.rpm e6c2652a362d61f10cc598ac7bdd148206c3a3f0ec2fabb2a711035d0c4de0ec
x86_64 less-530-3.el8_10.x86_64.rpm cb48d3f265b2164e5e967c0c648c8cecbd7aca5faa065812560d14aa30a02a81
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.