[Bug 299627] Re: [CVE-2008-5076] htop does not filter non-printable characters in process names

Launchpad Bug Tracker Mon, 13 Apr 2009 07:30:39 -0700

This bug was fixed in the package htop - 0.6.6+svn20070915-1ubuntu0.2

---------------
htop (0.6.6+svn20070915-1ubuntu0.2) hardy-security; urgency=low


  * SECURITY UPDATE: Insufficient character filters in htop when displaying
    commands allowed programs that rewrite their program name to inject
    escape sequences. (LP: #299627)
    - CVE-2008-5076
    - Patch taken from upstream svn rev 148; applied inline.

 -- Andreas Wenning <[email protected]>   Tue, 07 Apr 2009 17:43:47 +0200

** Changed in: htop (Ubuntu Hardy)
       Status: In Progress => Fix Released

** Changed in: htop (Ubuntu Intrepid)
       Status: In Progress => Fix Released

-- 
[CVE-2008-5076] htop does not filter non-printable characters in process names
https://bugs.launchpad.net/bugs/299627
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 299627] Re: [CVE-2008-5076] htop does not filter non-printable characters in process names

Reply via email to