UbuntuUpdates.org

Package "needrestart"

Name: needrestart

Description:

check which daemons need to be restarted after library upgrades

Latest version: 3.6-8ubuntu4.2
Release: oracular (24.10)
Level: security
Repository: main
Homepage: https://github.com/liske/needrestart

Links


Download "needrestart"


Other versions of "needrestart" in Oracular

Repository Area Version
base main 3.6-8ubuntu4
updates main 3.6-8ubuntu4.2
proposed main 3.6-8ubuntu4.1

Changelog

Version: 3.6-8ubuntu4.2 2024-11-19 19:07:21 UTC

  needrestart (3.6-8ubuntu4.2) oracular-security; urgency=medium

  * SECURITY UPDATE: incorrect usage of PYTHONPATH environment variable
    - debian/patches/CVE-2024-48990.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize PYTHONPATH before
      spawning a new python interpreter
    - CVE-2024-48990
  * SECURITY UPDATE: race condition for checking path to python
    - debian/patches/CVE-2024-48991.patch: sync path for both check
      and usage for python interpreter
    - CVE-2024-48991
  * SECURITY UPDATE: incorrect usage of RUBYLIB environment variable
    - debian/patches/CVE-2024-48992.patch: chdir to a clean directory
      to avoid loading arbirary objects, sanitize RUBYLIB before
      spawning a new ruby interpreter
    - CVE-2024-48992
  * SECURITY UPDATE: incorrect usage of Perl ScanDeps
    - debian/patches/CVE-2024-11003.patch: remove usage of ScanDeps
      to avoid parsing arbitrary code
    - CVE-2024-11003

 -- Sudhakar Verma <email address hidden> Wed, 13 Nov 2024 17:03:15 +0530




About   -   Send Feedback to @ubuntu_updates