1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2024:1550-1

[SUSE-SU-2024:1550-1] Security update for less

Severity Important
Affected Packages 4
CVEs 1
Info Packages References Vulnerabilities

Security update for less

This update for less fixes the following issues:

  • CVE-2024-32487: Fixed mishandling of \n character in paths when LESSOPEN is set leads to OS command execution. (bsc#1222849)
Package Affected Version
pkg:rpm/suse/less?arch=x86_64&distro=sles-12&sp=5 < 458-7.15.1
pkg:rpm/suse/less?arch=s390x&distro=sles-12&sp=5 < 458-7.15.1
pkg:rpm/suse/less?arch=ppc64le&distro=sles-12&sp=5 < 458-7.15.1
pkg:rpm/suse/less?arch=aarch64&distro=sles-12&sp=5 < 458-7.15.1
ID
SUSE-SU-2024:1550-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2024/suse-su-20241550-1/
Published
2024-05-07T14:23:51
(4 months ago)
Modified
2024-05-07T14:23:51
(4 months ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/less?arch=x86_64&distro=sles-12&sp=5 suse less < 458-7.15.1 sles-12 x86_64
Affected pkg:rpm/suse/less?arch=s390x&distro=sles-12&sp=5 suse less < 458-7.15.1 sles-12 s390x
Affected pkg:rpm/suse/less?arch=ppc64le&distro=sles-12&sp=5 suse less < 458-7.15.1 sles-12 ppc64le
Affected pkg:rpm/suse/less?arch=aarch64&distro=sles-12&sp=5 suse less < 458-7.15.1 sles-12 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date