-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-c94f884440 2024-09-22 02:03:26.291758 -------------------------------------------------------------------------------- Name : less Product : Fedora 39 Version : 633 Release : 4.fc39 URL : https://www.greenwoodsoftware.com/less/ Summary : A text file browser similar to more, but better Description : The less utility is a text file browser that resembles more, but has more capabilities. Less allows you to move backwards in the file as well as forwards. Since less doesn't have to read the entire input file before it starts, less starts up more quickly than text editors (for example, vi). You should install less because it is a basic utility for viewing text files, and you'll use it frequently. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2024-32487 - less with LESSOPEN mishandles \n in paths -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 21 2024 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 643-6 - fix CVE-2024-32487 - less with LESSOPEN mishandles \n in paths (#2274981) * Sun Jul 28 2024 Michal Hlavinka <mhlavink@xxxxxxxxxx> - 633-3 - fix incorrect display when filename contains control chars -------------------------------------------------------------------------------- References: [ 1 ] Bug #2274980 - CVE-2024-32487 less: OS command injection https://bugzilla.redhat.com/show_bug.cgi?id=2274980 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-c94f884440' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
