This bug was fixed in the package htop - 0.8-0ubuntu1.1
--------------- htop (0.8-0ubuntu1.1) intrepid-security; urgency=low
* SECURITY UPDATE: Insufficient character filters in htop when displaying commands allowed programs that rewrite their program name to inject escape sequences. (LP: #299627) - CVE-2008-5076 - Patch taken from upstream svn rev 148; applied inline.
-- Andreas Wenning <email address hidden> Tue, 07 Apr 2009 17:34:27 +0200
This bug was fixed in the package htop - 0.8-0ubuntu1.1
---------------
htop (0.8-0ubuntu1.1) intrepid-security; urgency=low
* SECURITY UPDATE: Insufficient character filters in htop when displaying
commands allowed programs that rewrite their program name to inject
escape sequences. (LP: #299627)
- CVE-2008-5076
- Patch taken from upstream svn rev 148; applied inline.
-- Andreas Wenning <email address hidden> Tue, 07 Apr 2009 17:34:27 +0200