SUSE-SU-2024:1189-1 Security update for less

This update for less fixes the following issues: - CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters bsc1219901...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

RHEL 9 : less (RHSA-2024:1692)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1692 advisory. The less utility is a text file browser that resembles more, but allows users to move backwards in the file as well as forwards. Since less does not...

RLSA-2024:1610 Moderate: less security update

The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors. Security Fixes: less: missing quoting of shell...

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...