diff --git a/less-633-cve2024_32487prereq.patch b/less-633-cve2024_32487prereq.patch
new file mode 100644
index 0000000..c0b2a8a
--- /dev/null
+++ b/less-633-cve2024_32487prereq.patch
@@ -0,0 +1,17 @@
+diff -up less-633/prompt.c.cve_prereq less-633/prompt.c
+--- less-633/prompt.c.cve_prereq 2024-07-27 00:44:40.347267609 +0200
++++ less-633/prompt.c 2024-07-27 00:45:26.575783719 +0200
+@@ -36,6 +36,13 @@ extern char *editor;
+ extern char *editproto;
+ #endif
+
++typedef enum lbool { LFALSE, LTRUE } lbool;
++
++#undef TRUE
++#define TRUE LTRUE
++#undef FALSE
++#define FALSE LFALSE
++
+ /*
+ * Prototypes for the three flavors of prompts.
+ * These strings are expanded by pr_expand().
diff --git a/less-654-cve2024_32487fix.patch b/less-654-cve2024_32487fix.patch
new file mode 100644
index 0000000..16ea423
--- /dev/null
+++ b/less-654-cve2024_32487fix.patch
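Review bot: In less-633-cve2024_32487prereq.patch the `lbool` typedef and the `#undef`/`#define` of `TRUE` and `FALSE` land in prompt.c without any comment, so nothing tells a maintainer that every later `TRUE`/`FALSE` in that file is now an enum constant rather than whatever the project header defined. A short comment above the typedef would cover it, for example `/* Backport shim: typed boolean for ap_estr(); redefines TRUE/FALSE for the rest of prompt.c only. */` (the purpose is presumed from the `lbool nprt` parameter added by the regrfix patch). The patch's own paths say less-633 while the spec builds 590, so the patch header should also state which upstream change it was cut from.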
@@ -0,0 +1,75 @@
+diff -up less-590/output.c.cve2024_32487fix less-590/output.c
+--- less-590/output.c.cve2024_32487fix 2021-06-03 19:45:48.000000000 +0200
++++ less-590/output.c 2024-08-06 21:41:26.672021477 +0200
+@@ -31,6 +31,7 @@ extern int so_s_width, so_e_width;
+ extern int screen_trashed;
+ extern int is_tty;
+ extern int oldbot;
++extern int utf_mode;
+
+ #if MSDOS_COMPILER==WIN32C || MSDOS_COMPILER==BORLANDC || MSDOS_COMPILER==DJGPPC
+ extern int ctldisp;
+@@ -562,6 +563,7 @@ less_printf(fmt, parg)
+ PARG *parg;
+ {
+ char *s;
++ constant char *es;
+ int col;
+
+ col = 0;
+@@ -578,11 +580,17 @@ less_printf(fmt, parg)
+ {
+ case 's':
+ s = parg->p_string;
++ es = s + strlen(s);
+ parg++;
+ while (*s != '\0')
+ {
+- putchr(*s++);
+- col++;
++ LWCHAR ch = step_char(&s, +1, es);
++ constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
++ while (*ps != '\0')
++ {
++ putchr(*ps++);
++ col++;
++ }
+ }
+ break;
+ case 'd':
+diff -up less-590/prompt.c.cve2024_32487fix less-590/prompt.c
+--- less-590/prompt.c.cve2024_32487fix 2024-08-06 16:14:26.980780434 +0200
++++ less-590/prompt.c 2024-08-06 21:43:10.415868469 +0200
+@@ -29,6 +29,7 @@ extern int hshift;
+ extern int sc_height;
+ extern int jump_sline;
+ extern int less_is_more;
++extern int utf_mode;
+ extern IFILE curr_ifile;
+ #if EDITOR
+ extern char *editor;
+@@ -90,13 +91,17 @@ init_prompt(VOID_PARAM)
+ ap_str(s)
+ char *s;
+ {
+- int len;
+-
+- len = (int) strlen(s);
+- if (mp + len >= message + PROMPT_SIZE)
+- len = (int) (message + PROMPT_SIZE - mp - 1);
+- strncpy(mp, s, len);
+- mp += len;
++ constant char *es = s + strlen(s);
++ while (*s != '\0')
++ {
++ LWCHAR ch = step_char(&s, +1, es);
++ constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
++ size_t plen = strlen(ps);
++ if (mp + plen >= message + PROMPT_SIZE)
++ break;
++ strcpy(mp, ps);
++ mp += plen;
++ }
+ *mp = '\0';
+ }
+
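Review bot: The new bound check in ap_str, `if (mp + plen >= message + PROMPT_SIZE)`, forms `mp + plen` before knowing that it stays inside `message`, and a pointer more than one past the end of an array is undefined behaviour in C even when it is only compared. Comparing lengths avoids that: `if (plen >= (size_t)(message + PROMPT_SIZE - mp)) break;`. The same line is carried unchanged into ap_estr by less-654-cve2024_32487regrfix.patch, so the change belongs there as well. The loop also stops at the first character that does not fit, which silently truncates a long string; a one-line comment saying the truncation is intended would help the next reader.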
diff --git a/less-654-cve2024_32487regrfix.patch b/less-654-cve2024_32487regrfix.patch
new file mode 100644
index 0000000..7ecc4ff
--- /dev/null
+++ b/less-654-cve2024_32487regrfix.patch
@@ -0,0 +1,65 @@
+diff -up less-590/prompt.c.cve2024_32487regrfix less-590/prompt.c
+--- less-590/prompt.c.cve2024_32487regrfix 2024-08-06 21:43:33.716058700 +0200
++++ less-590/prompt.c 2024-08-06 21:48:58.264708406 +0200
+@@ -86,17 +86,30 @@ init_prompt(VOID_PARAM)
+
+ /*
+ * Append a string to the end of the message.
++ * nprt means the character *may* be nonprintable
++ * and should be converted to printable form.
+ */
+- static void
+-ap_str(s)
+- char *s;
++static void ap_estr(char *s, lbool nprt)
+ {
+ constant char *es = s + strlen(s);
+ while (*s != '\0')
+ {
+ LWCHAR ch = step_char(&s, +1, es);
+- constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
+- size_t plen = strlen(ps);
++ constant char *ps;
++ char ubuf[MAX_UTF_CHAR_LEN+1];
++ size_t plen;
++
++ if (nprt)
++ {
++ ps = utf_mode ? prutfchar(ch) : prchar(ch);
++ } else
++ {
++ char *up = ubuf;
++ put_wchar(&up, ch);
++ *up = '\0';
++ ps = ubuf;
++ }
++ plen = strlen(ps);
+ if (mp + plen >= message + PROMPT_SIZE)
+ break;
+ strcpy(mp, ps);
+@@ -104,6 +117,12 @@ ap_str(s)
+ }
+ *mp = '\0';
+ }
++
++static void ap_str(char *s)
++{
++ ap_estr(s, FALSE);
++}
++
+
+ /*
+ * Append a character to the end of the message.
+@@ -316,10 +335,10 @@ protochar(c, where, iseditproto)
+ break;
+ #endif
+ case 'f': /* File name */
+- ap_str(get_filename(curr_ifile));
++ ap_estr(get_filename(curr_ifile), TRUE);
+ break;
+ case 'F': /* Last component of file name */
+- ap_str(last_component(get_filename(curr_ifile)));
++ ap_estr(last_component(get_filename(curr_ifile)), TRUE);
+ break;
+ case 'g': /* Shell-escaped file name */
+ s = shell_quote(get_filename(curr_ifile));
diff --git a/less.spec b/less.spec
index 087f65f..41d8256 100644
--- a/less.spec
+++ b/less.spec
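Review bot: Only the `%f` and `%F` cases are switched to `ap_estr(..., TRUE)`; the `case 'g'` context line at the end of the last hunk still builds its string with `shell_quote(get_filename(curr_ifile))`, and if that string is appended through `ap_str` below the hunk (not visible here) it now takes the `nprt == FALSE` branch and reaches the prompt buffer unconverted. That is probably deliberate, since rewriting a shell-quoted name into printable form would alter the command it is meant for, but the patch does not say so. A comment on the wrapper would record the decision, for example `/* ap_str: raw append; use ap_estr(s, TRUE) for file-derived text that is only displayed */`. The body of protochar continues outside the hunk, so any other caller that passes a file name should be checked against the full file.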
@@ -1,7 +1,7 @@
 Summary: A text file browser similar to more, but better
 Name: less
 Version: 590
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv3+ or BSD
 Source0: https://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
 Source1: lesspipe.sh
@@ -17,6 +17,10 @@ Patch10: less-458-lesskey-usage.patch
 Patch11: less-458-old-bot-in-help.patch
 Patch12: less-590-CVE-2022-46663.patch
 Patch13: less-590-CVE-2022-48624.patch
+# from upstream, for less < 661 , RHEL-32739
+Patch14: less-633-cve2024_32487prereq.patch
+Patch15: less-654-cve2024_32487fix.patch
+Patch16: less-654-cve2024_32487regrfix.patch
 URL: https://www.greenwoodsoftware.com/less/
 BuildRequires: ncurses-devel
 BuildRequires: autoconf automake libtool
@@ -34,16 +38,19 @@ files, and you'll use it frequently.
 %prep
 %setup -q
-%patch4 -p1 -b .time
-%patch5 -p1 -b .fsync
-%patch6 -p1 -b .manpage-add-old-bot-option
-%patch7 -p1 -b .help
-%patch8 -p1 -b .lessecho-usage
-%patch9 -p1 -b .less-filters-man
-%patch10 -p1 -b .lesskey-usage
-%patch11 -p1 -b .old-bot
-%patch12 -p1 -b .CVE-2022-46663
-%patch13 -p1 -b .CVE-2022-48624
+%patch -P 4 -p1 -b .time
+%patch -P 5 -p1 -b .fsync
+%patch -P 6 -p1 -b .manpage-add-old-bot-option
+%patch -P 7 -p1 -b .help
+%patch -P 8 -p1 -b .lessecho-usage
+%patch -P 9 -p1 -b .less-filters-man
+%patch -P 10 -p1 -b .lesskey-usage
+%patch -P 11 -p1 -b .old-bot
+%patch -P 12 -p1 -b .CVE-2022-46663
+%patch -P 13 -p1 -b .CVE-2022-48624
+%patch -P 14 -p1 -b .cve2024_32487prereq
+%patch -P 15 -p1 -b .cve2024_32487fix
+%patch -P 16 -p1 -b .cve2024_32487regrfix
 %build
@@ -67,6 +74,9 @@ install -p -m 644 %{SOURCE3} $RPM_BUILD_ROOT/etc/profile.d
 %{_mandir}/man1/*
 %changelog
+* Tue Aug 06 2024 Michal Hlavinka - 590-4
+- fix less with LESSOPEN allowing command injection (CVE-2024-32487) (RHEL-32739)
+
 * Wed Feb 21 2024 Matej Mužila 590-3
 - Fix CVE-2022-48624
 - Resolves: RHEL-26265
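Review bot: The comment added above Patch14, `# from upstream, for less < 661 , RHEL-32739`, does not name the upstream commits, and the changelog describes the change as fixing command injection through LESSOPEN, whereas the three patch files in this commit touch only less_printf in output.c and ap_str/protochar in prompt.c, which control how strings are rendered in messages and prompts. Nothing visible here changes how a file name is quoted before it reaches the LESSOPEN command, so it is worth confirming that the quoting fix is either already present in this tree or not needed for 590, and recording the answer in the comment. A form such as `# CVE-2024-32487: upstream commits <COMMIT_ID>, <COMMIT_ID>; backported to 590 (RHEL-32739)` would make the mapping auditable. The `%patchN` to `%patch -P N` rewrite in the `%prep` hunk is unrelated to the fix and would be easier to review as its own commit.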