UbuntuUpdates.org

Package "needrestart"

Name: needrestart

Description:

check which daemons need to be restarted after library upgrades
Latest version: 3.6-7ubuntu4.3
Release: noble (24.04)
Level: security
Repository: main
Homepage: https://github.com/liske/needrestart

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "needrestart"

All arch deb package
APT INSTALL

Other versions of "needrestart" in Noble

Repository Area Version
base main 3.6-7ubuntu4
updates main 3.6-7ubuntu4.3
proposed main 3.6-7ubuntu4.2

Changelog

Version: 3.6-7ubuntu4.3 2024-11-19 19:07:20 UTC

  needrestart (3.6-7ubuntu4.3) noble-security; urgency=medium

  * SECURITY UPDATE: incorrect usage of PYTHONPATH environment variable
    - debian/patches/CVE-2024-48990.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize PYTHONPATH before
      spawning a new python interpreter
    - CVE-2024-48990
  * SECURITY UPDATE: race condition for checking path to python
    - debian/patches/CVE-2024-48991.patch: sync path for both check
      and usage for python interpreter
    - CVE-2024-48991
  * SECURITY UPDATE: incorrect usage of RUBYLIB environment variable
    - debian/patches/CVE-2024-48992.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize RUBYLIB before
      spawning a new ruby interpreter
    - CVE-2024-48992
  * SECURITY UPDATE: incorrect usage of Perl ScanDeps
    - debian/patches/CVE-2024-11003.patch: remove usage of ScanDeps
      to avoid parsing arbitrary code
    - CVE-2024-11003

 -- Sudhakar Verma <email address hidden> Thu, 14 Nov 2024 14:59:09 +0530


About   -   Send Feedback to @ubuntu_updates