-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 12 Nov 2024 20:31:52 +0100 Source: needrestart Architecture: source Version: 3.7-3.1 Distribution: unstable Urgency: high Maintainer: Patrick Matthäi <pmatthaei@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Changes: needrestart (3.7-3.1) unstable; urgency=high . * Non-maintainer upload. * Address local privilege escalation vulnerabilities from any unprivileged user to root (CVE-2024-48990, CVE-2024-48992, CVE-2024-48991, CVE-2024-11003): - core: prevent race condition on /proc/$PID/exec evaluation - interp: do not set PYTHONPATH environment variable to prevent a LPE - interp: do not set RUBYLIB environment variable to prevent a LPE - interp: chdir into empty directory to prevent python parsing arbitrary files - interp: drop usage of Module::ScanDeps to prevent LPE * debian/control: Drop Depends on libmodule-scandeps-perl Checksums-Sha1: 2710b82de9837964290df21c96658b1a63c88ac0 1982 needrestart_3.7-3.1.dsc 6d3dcffffa2778c377e686aa116737df9b150512 15232 needrestart_3.7-3.1.debian.tar.xz 300406719ea2581e92cba886514f78334a9ef745 6220 needrestart_3.7-3.1_source.buildinfo Checksums-Sha256: 096e153ddddb21bf463694e1d212d0c9dbc466b2eea4e8270de5fa54ef1918ad 1982 needrestart_3.7-3.1.dsc 178aebb01fd6afb5087c3e8daaf1d9ee4506acc6d6546d043c09ef067420f9fa 15232 needrestart_3.7-3.1.debian.tar.xz 745e8e874bc64d4587283ebdb074f2af05d60666d014f17d197d7fb3caa10713 6220 needrestart_3.7-3.1_source.buildinfo Files: ea0bace28198b4644407a0e1f6ac032f 1982 admin optional needrestart_3.7-3.1.dsc af88feb200222b567d38e7be210021c9 15232 admin optional needrestart_3.7-3.1.debian.tar.xz a3067ac9c75f7ad346f2f8e2c7cd3afa 6220 admin optional needrestart_3.7-3.1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmc4xKBfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89Eo08P/R/akwptptm+n0wIidInnjnm6bE63xFH h0TRTv1rFQn7LmCr5/ASB6avWM+mEVlC5Wc7cMUcoZrkhAgh4b299M7XpGO3UtHD AS6rHf4m/dnvOLTw6Vo51GLEB0MLkbbpK1lgyPmmzLa0QACGwyYbX6zEYilzfFx7 Wnn5XdaXbNU8BIh1FTpzIrN38L/GeMjCJbe2QJNvL9NQCyoht8OKgRpvQBCM4o4x dQCpoEjg6DhdSEZ7ku+MYQQ4VGlcSU+PCzfkBCruDX7fopP74MsO6pS40PGbf9Du +QkFeA3Aw86FKSSqRal9b/JQUotV4kEqXndvO6aoh/2DxnfnYiSkOpkGYYNx2PV4 1JmOerXxKCuuomYVRiNL+lochZD1UaieEio4gewYQ2dpMrZSMeYy8dvUI7oHuWyM QM3FVgbfHrpuWP+Kn3dwGAGucxyZKzaBKWj9Ce0puk8qdZsgr1bq5Qu9gwUhVzQI dGV0PaJUXtcfWcUeeR/NivkGMpsCcYxLyEYUUFpbG/oTYLlXk8K1hBh/S471ier/ n+JkfEaBwkce1XOLtoFMAcPLuIunJV0ByAXNZ4zcsJKgLrfzTD3AMr8b8ody6WR7 QlF1rNy08LXogqbCcHANhUGj/4NnUP/nTnvmz9oS9Td2WnVUS0JYUUOuSdh5T7g+ H6lZg6Ok2TGJ =8sev -----END PGP SIGNATURE-----