Heya! Long time no see.
I’ve just made an
about CVE-2013-1436. It was quite interesting to discover and
with a fix is already available. If you use
xmonad along with
dzen, you should patch and re-compile your
xmonad binary as soon as
posible, or you’ll be exposed to a remote command injection vulnerability.