Package "less"

Name:	less
Description:	pager program similar to more
Latest version:	551-1ubuntu0.3
Release:	focal (20.04)
Level:	security
Repository:	main
Homepage:	http://www.greenwoodsoftware.com/less/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "less"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "less" in Focal

Repository	Area	Version
base	main	551-1
updates	main	551-1ubuntu0.3

Changelog

Version: 551-1ubuntu0.3 2024-04-29 12:06:58 UTC

less (551-1ubuntu0.3) focal-security; urgency=medium * SECURITY UPDATE: Arbitrary command execution - debian/patches/CVE-2024-32487.patch: Fix bug when viewing a file whose name contains a newline. - CVE-2024-32487 -- Fabian Toepfer <email address hidden> Sun, 28 Apr 2024 13:42:44 +0200

Source diff to previous version

CVE-2024-32487

less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation

Version: 551-1ubuntu0.2 2024-02-27 19:06:52 UTC

less (551-1ubuntu0.2) focal-security; urgency=medium * SECURITY UPDATE: Unsafe call and Possibly arbitrary code execution - debian/patches/CVE-2022-48624.patch: add shell-quote the filename when invoking LESSCLOSE in filename.c. - CVE-2022-48624 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 20 Feb 2024 09:00:07 -0300

CVE-2022-48624

close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

About - Send Feedback to @ubuntu_updates

Package "less"

Links

Download "less"

Other versions of "less" in Focal

Changelog

Share this page

Bookmarks

Latest updates

updates

proposed

security

PPA updates