UbuntuUpdates.org

Package "needrestart"

Name: needrestart

Description:

check which daemons need to be restarted after library upgrades
Latest version: 3.6-7ubuntu4.3
Release: noble (24.04)
Level: updates
Repository: main
Homepage: https://github.com/liske/needrestart

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "needrestart"

All arch deb package
APT INSTALL

Other versions of "needrestart" in Noble

Repository Area Version
base main 3.6-7ubuntu4
security main 3.6-7ubuntu4.3
proposed main 3.6-7ubuntu4.2

Changelog

Version: 3.6-7ubuntu4.3 2024-11-19 20:06:50 UTC

  needrestart (3.6-7ubuntu4.3) noble-security; urgency=medium

  * SECURITY UPDATE: incorrect usage of PYTHONPATH environment variable
    - debian/patches/CVE-2024-48990.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize PYTHONPATH before
      spawning a new python interpreter
    - CVE-2024-48990
  * SECURITY UPDATE: race condition for checking path to python
    - debian/patches/CVE-2024-48991.patch: sync path for both check
      and usage for python interpreter
    - CVE-2024-48991
  * SECURITY UPDATE: incorrect usage of RUBYLIB environment variable
    - debian/patches/CVE-2024-48992.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize RUBYLIB before
      spawning a new ruby interpreter
    - CVE-2024-48992
  * SECURITY UPDATE: incorrect usage of Perl ScanDeps
    - debian/patches/CVE-2024-11003.patch: remove usage of ScanDeps
      to avoid parsing arbitrary code
    - CVE-2024-11003

 -- Sudhakar Verma <email address hidden> Thu, 14 Nov 2024 14:59:09 +0530
Source diff to previous version
CVE-2024-48990 Qualys discovered that needrestart, before version 3.8, allows local a ...
CVE-2024-48991 Qualys discovered that needrestart, before version 3.8, allows local a ...
CVE-2024-48992 Qualys discovered that needrestart, before version 3.8, allows local a ...
CVE-2024-11003 Qualys discovered that needrestart, before version 3.8, passes unsanit ...

Version: 3.6-7ubuntu4.1 2024-07-31 08:07:06 UTC

  needrestart (3.6-7ubuntu4.1) noble; urgency=medium

  * Prevent needrestart restarting itself (LP: #2067482)
  * d/p/ubuntu-mode.patch: Don't touch /run/reboot-required on kernel updates
    (LP: #2065863)
  * Ubuntu mode: disable it if restart mode has been explicitly set
    (LP: #2068543)
  * Add some inline documentation for the Ubuntu mode (LP: #2068573)
  * Don't restart the google-guest-agent service (LP: #2063442)

 -- Simon Chopin <email address hidden> Fri, 14 Jun 2024 15:37:30 +0200
2067482 needrestart terminates itself on updates
2065863 needrestart causes kernel upgrade messages in motd
2068543 Config variable $nrconf{restart} is no longer accurate: it always restarts
2068573 needrestart: better document Ubuntu-specific behaviours
2063442 needrestart on Ubuntu 24.04 is restarting google-guest-agent startup and shutdown scrips on reinstall but they should not be restarted


About   -   Send Feedback to @ubuntu_updates