A filtering bypass in less may allow denial of service.
|Package||sys-apps/less on all architectures|
|Affected versions||< 608-r2|
|Unaffected versions||>= 608-r2|
less is a pager and text file viewer.
less suffered from a flaw in its terminal escape sequence handling which made its filtering incomplete.
Malicious input could clear the terminal output or otherwise manipulate it with faked interactions.
There is no known workaround at this time.
All less users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=sys-apps/less-608-r2"
October 10, 2023
October 10, 2023: 1