less-530-2.el8_9

エラータID: AXSA:2024-7645:01

Release date: 
Thursday, April 4, 2024 - 10:56
Subject: 
less-530-2.el8_9
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The "less" utility is a text file browser that resembles "more", but allows users to move backwards in the file as well as forwards. Since "less" does not read the entire input file at startup, it also starts more quickly than ordinary text editors.

Security Fix(es):

* less: missing quoting of shell metacharacters in LESSCLOSE handling (CVE-2022-48624)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2022-48624
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.

Solution: 

Update packages.

CVEs: 
CVE-2022-48624
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
Additional Info: 

N/A

Download: 

SRPMS
  1. less-530-2.el8_9.src.rpm
    MD5: 2224d4e54b18064878c1d68cd231965b
    SHA-256: aefbca26525601d7aed8f08ade2c48e091747d5371e1f61393bc61c64d7e3eaa
    Size: 370.65 kB

Asianux Server 8 for x86_64
  1. less-530-2.el8_9.x86_64.rpm
    MD5: 35bad1739c4d7134c043f530f5a8fbf5
    SHA-256: 0ddda765cb24cf1e1e6678bcfd6de4c9306ddaff9b14afe022d3559d4a6fcbdc
    Size: 163.04 kB