XPost: linux.debian.devel.release
Package: release.debian.org
Severity: normal
User:
[email protected]
Usertags: unblock
X-Debbugs-Cc:
[email protected]
Control: affects -1 + src:htop
Please unblock package htop
I have backported a fix against a segfault happening in parsing the
Command line of processes from upstream commit
https://github.com/htop-dev/htop/commit/d2617e25081a1573081f165c9baae28f87970639
.
[ Reason ]
User triggerable segfault
[ Impact ]
htop can segfault when parameters of viewed process lines start with a blank
[ Tests ]
none
[ Risks ]
none, very small targeted fix
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock htop/3.4.1-5
# debdiff htop_3.4.1-4.dsc htop_3.4.1-5.dsc
diff -Nru htop-3.4.1/debian/changelog htop-3.4.1/debian/changelog
--- htop-3.4.1/debian/changelog 2025-04-25 22:56:00.000000000 +0200
+++ htop-3.4.1/debian/changelog 2025-07-11 10:48:00.000000000 +0200
@@ -1,3 +1,9 @@
+htop (3.4.1-5) unstable; urgency=medium
+
+ * Fix stack buffer overflow in CommandScreen
+
+ -- Daniel Lange <
[email protected]> Fri, 11 Jul 2025 10:48:00 +0200
+
htop (3.4.1-4) unstable; urgency=medium
* Fix temperature reading on older Intel CPUs
diff -Nru htop-3.4.1/debian/patches/003-fix-stack-buffer-overflow.patch htop-3.4.1/debian/patches/003-fix-stack-buffer-overflow.patch
--- htop-3.4.1/debian/patches/003-fix-stack-buffer-overflow.patch
1970-01-01 01:00:00.000000000 +0100
+++ htop-3.4.1/debian/patches/003-fix-stack-buffer-overflow.patch
2025-07-11 10:46:04.000000000 +0200
@@ -0,0 +1,36 @@
+From d2617e25081a1573081f165c9baae28f87970639 Mon Sep 17 00:00:00 2001
+From: Benny Baumann <
[email protected]>
+Date: Fri, 11 Jul 2025 01:13:13 +0200
+Subject: [PATCH] Avoid stack buffer overflow in CommandScreen
+
+This can be trigge