Debian Security Advisory 5679-1

Debian Security Advisory 5679-1: Posted May 6, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5679-1 - Several vulnerabilities were discovered in less, a file pager, which may result in the execution of arbitrary commands if a file with a specially crafted file name is processed.; tags | advisory, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2022-48624, CVE-2024-32487; SHA-256 | 1adb47345cdc4219b61c72f0d20b12f740386e08a0db134cff55f7ad9414852d; Download | Favorite | View

Debian Security Advisory 5679-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5679-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 03, 2024                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : less
CVE ID         : CVE-2022-48624 CVE-2024-32487
Debian Bug     : 1064293 1068938 1069681

Several vulnerabilities were discovered in less, a file pager, which may
result in the execution of arbitrary commands if a file with a specially
crafted file name is processed.

For the oldstable distribution (bullseye), these problems have been fixed
in version 551-2+deb11u2.

For the stable distribution (bookworm), these problems have been fixed in
version 590-2.1~deb12u2.

We recommend that you upgrade your less packages.

For the detailed security status of less please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/less

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmY1UxpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Rt9Q//RATJdOip2H457Vmye1lZb/mUKci2CJBtj5/JOE1MVH8B0w/Vv5EIWCCa
MaBzfq3Wv9FmkLMIkfLp1IbM1KZ20+tVz9rz2tVHq0vp+fSjw8wurBv4AoFiRyI8
pFwTzXEtwWVPVBhsquvOXLNVuOyNBq4fmAc8ETccvhcm9rODsEh4gxKR/BURJxPF
jckpSv2EnEx/EEwSdFCaeJ5mjGDVN+Sd4V1LldyDLGCbRfY0RuC1hzGsX99o5NZ9
IEt2ZNQ+9OVQQCcpC6ayKtOkPFGKcRKTxhWZ2Q2gNl6tb0bYaQygHlxxRhiqok3G
li898tnb+nI/ZlksblIn6gUwEzBH2a5P0/LJg4iF/N1htz2fv1C+/C8/AVvE9iBr
lTV7RAo1xaIuV4yAgFsv+XJ7YsWtJKSwXkSRHAlcU3OGNmtQUxs6iQUrRJ97ax9L
0O/3wh7dXbmkU42EZlybTxYh7eMi074PzLva7t0im8KwC5sjvH7yLe6jLXCJ2+Kx
4apKfxPwTYn0bBqaeNgBBFHWwlYn+Rkofo4N5VdbFDWaMwctZ2FFLrpn3LQ3Mojn
ssgf/uchU1M8Vpjp01H3Jr0S97nz5cCwE+LlFddMNVlqNL/hA1xU8zNkyRLJcFai
JQVhtvLmuSFOW+FtvTjBB09T3o8lbPKYHacO1/h8/ZB+TKqlwQo=tUOa
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 324 files
Ubuntu 49 files
Gentoo 32 files
Debian 21 files
Apple 9 files
malvuln 6 files
nu11secur1ty 5 files
Google Security Research 4 files
Jann Horn 4 files
Adam Gowdiak 4 files

File Archives

Systems

AIX (429)
Apple (2,088)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,044)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,776)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,910)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,514)
UNIX (9,404)
UnixWare (187)
Windows (6,660)
Other

Debian Security Advisory 5679-1

Debian Security Advisory 5679-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5679-1

Share This

Debian Security Advisory 5679-1

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems