Your message dated Tue, 17 May 2022 16:04:24 +0000 with message-id <[email protected]> and subject line Bug#986507: fixed in needrestart 3.6-1 has caused the Debian Bug report #986507, regarding Fix insecure dependency - use 'grep -a' instead of binutils strings|grep to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 986507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986507 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: needrestart Version: 3.5-2 Severity: wishlist Tags: patch I want check-support-status to be happy, but I need needrestart: bash5$ check-support-status Limited security support for one or more packages Unfortunately, it has been necessary to limit security support for some packages. The following packages found on this system are affected by this: * Source:binutils Details: Only suitable for trusted content; see https://lists.debian.org/msgid-search/[email protected] Affected binary packages: - binutils (installed version: 2.35.2-2) - binutils-common:amd64 (installed version: 2.35.2-2) - binutils-x86-64-linux-gnu (installed version: 2.35.2-2) - libbinutils:amd64 (installed version: 2.35.2-2) - libctf-nobfd0:amd64 (installed version: 2.35.2-2) - libctf0:amd64 (installed version: 2.35.2-2) bash5$ aptitude why binutils i needrestart Depends binutils AFAICT needrestart only needs binutils for strings(1), and only in one specific place. The attached patch that allows people to use llvm-strings instead. I haven't done extensive testing yet. FYI I also tried another approach here (much messier): https://github.com/trentbuck/binutils-is-llvm -- Package-specific info: needrestart output: Your outdated processes: at-spi-bus-laun[2960], at-spi2-registr[3055], dbus-daemon[2636, 2966], dconf-service[3022], emacs[9021], evolution-addre[3039], evolution-alarm[3112], evolution-calen[3027], evolution-sourc[3016], gdm-wayland-ses[2738], gjs[3053], gnome-session-b[2741, 2878], gnome-session-c[2872], gnome-shell[2959], gnome-shell-cal[3010], gnome-terminal-[3854], goa-daemon[2683], goa-identity-se[2694], gsd-a11y-settin[3070], gsd-color[3071], gsd-datetime[3073], gsd-disk-utilit[3106], gsd-housekeepin[3075], gsd-keyboard[3077], gsd-media-keys[3079], gsd-power[3092], gsd-print-notif[3095], gsd-printer[3196], gsd-rfkill[3098], gsd-screensaver[3100], gsd-sharing[3102], gsd-smartcard[3104], gsd-sound[3105], gsd-usb-protect[3117], gsd-wacom[3119], gsd-xsettings[3248], gvfs-afc-volume[2701], gvfsd[2658], gvfsd-fuse[2663], gvfsd-metadata[3264], gvfs-goa-volume[2679], gvfs-gphoto2-vo[2675], gvfs-mtp-volume[2718], gvfs-udisks2-vo[2669], ibus-daemon[3243], ibus-dconf[3272], ibus-engine-sim[3324], ibus-extension-[3273], ibus-portal[3289], ibus-x11[3279], pipewire[2629], pipewire-media-[2643], pulseaudio[2630], screen[3866, 3859], systemd[2608], tail[3867], tracker-miner-f[2632], Xwayland[2989] checkrestart output: -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (990, 'testing'), (500, 'testing-security'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-5-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages needrestart depends on: ii binutils 2.35.2-2 ii dpkg 1.20.7.1 ii gettext-base 0.21-4 ii libintl-perl 1.26-3 ii libmodule-find-perl 0.15-1 ii libmodule-scandeps-perl 1.30-1 ii libproc-processtable-perl 0.59-2+b1 ii libsort-naturally-perl 1.03-2 ii libterm-readkey-perl 2.38-1+b2 ii perl 5.32.1-3 ii xz-utils 5.2.5-2 Versions of packages needrestart recommends: ii libpam-systemd 247.3-3 Versions of packages needrestart suggests: ii iucode-tool 2.3.1-1 pn needrestart-session | libnotify-bin <none> -- no debconf informationdiff --git i/debian/control w/debian/control index 8a569b6..5bcf730 100644 --- i/debian/control +++ w/debian/control @@ -21,7 +21,7 @@ Depends: ${misc:Depends}, libmodule-scandeps-perl, libterm-readkey-perl, libmodule-find-perl, - binutils, + binutils | llvm, xz-utils Recommends: libpam-systemd | sysvinit-core Suggests: needrestart-session | libnotify-bin, diff --git i/lib/vmlinuz-get-version w/lib/vmlinuz-get-version index 22a4365..f35b5f8 100755 --- i/lib/vmlinuz-get-version +++ w/lib/vmlinuz-get-version @@ -20,7 +20,12 @@ get_version() { # search and output version string pattern - strings "$1" | grep -m 1 '^Linux version ' && exit 0 + if llvm-strings --version >/dev/null 2>&1 + then + llvm-strings "$1" + else + strings "$1" + fi | grep -m 1 '^Linux version ' && exit 0 } try_decompress()
--- End Message ---
--- Begin Message ---Source: needrestart Source-Version: 3.6-1 Done: Patrick Matthäi <[email protected]> We believe that the bug you reported is fixed in the latest version of needrestart, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Patrick Matthäi <[email protected]> (supplier of updated needrestart package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 17 May 2022 17:38:05 +0200 Source: needrestart Architecture: source Version: 3.6-1 Distribution: unstable Urgency: high Maintainer: Patrick Matthäi <[email protected]> Changed-By: Patrick Matthäi <[email protected]> Closes: 984789 986507 1005953 Changes: needrestart (3.6-1) unstable; urgency=high . * New upstream release. - Drop merged patch 02-ruby-relative-path. - Drop merged patch 03-fix-wrong-default-comment. - Drop merged patch 04-verbose-and-verbosity-confusion. - Drop merged patch 05-ignore-nvidia-memfd. - Drop merged patch 06-dont-restart-bluetooth. - Drop merged patch 07-runit. - Fixes CVE-2022-30688: Not anchored regular expressions. - Replace strings(1) by GNU grep to drop binutils dependency. Closes: #986507 - Fixes broken detection with cgroupv2. Closes: #1005953 - Fixes microcode warnings without using systemd, also add systemd or libimvirt-perl as recommends. Closes: #984789 * Bump Standards-Version to 4.6.1. * Merge 3.4-5+deb10u1 and 3.5-4+deb11u1 changelog. * Adjust mismatched lintian override. Checksums-Sha1: 9f7a4f6bc76ef50a42171533d6e4969146c3dce7 1817 needrestart_3.6-1.dsc 16e30b8c5ca9fb164587c1a18cbcceec3afa9d40 71159 needrestart_3.6.orig.tar.gz b87ebfbc4a20b821cd669b9d7dbb497a484fb5e0 9760 needrestart_3.6-1.debian.tar.xz 1dede4992c10f35dd40def1b36d48d9bf7ecf866 6622 needrestart_3.6-1_source.buildinfo Checksums-Sha256: 3a311d666f67da2d16ef67f7b6672d50c7cabcf8750d6e5d4796f3683b6e4273 1817 needrestart_3.6-1.dsc 3dced40d6116287b163da018d57014b0b7cee04794a95f8602126e2c296ed1a7 71159 needrestart_3.6.orig.tar.gz 02fdbe5c924681fb9ecb168d1c825578453948c9683f343f547df8e31ce4bfc4 9760 needrestart_3.6-1.debian.tar.xz 667e4295a308c3619b9ffc784679062838b1da82a0014cc0a64248008891f03e 6622 needrestart_3.6-1_source.buildinfo Files: ddf611a0575a1b5e00d2c92a017c320f 1817 admin optional needrestart_3.6-1.dsc 8ea62680286b44f7c1ffb8298ed99385 71159 admin optional needrestart_3.6.orig.tar.gz 69de230e89a57d2048cc8349e453e666 9760 admin optional needrestart_3.6-1.debian.tar.xz cf6521591bab28049b66ceaf85b68f5d 6622 admin optional needrestart_3.6-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEWKA9xYJCWk3IuQ4TEtmwSpDL2OQFAmKDwgIACgkQEtmwSpDL 2OSyWA//WXj5zOoVWhjDn9Ij9INWTJvyw4tZyQou/8mJKh9bDRaUcrM6Z46JQUZz BLyaYKA4YdjShp1gIcjK2l59HmkYk7exLvV+QnXy4g1HhxRGxFHzaq0TWTjnTXCf Z6S9zKuWCuMUSWgGBt+rJ/D/ZzovZUM+DTTPyunTk/RTxJ3prHI+1wPyZn0BenpP eHF6enok9aaqgHTzmJFC6RyX4suTK/F31Ym/i+dXQrXST6GsDaS1/LTytkTCbRyI ub+FV+KPitc/WO94KRgQevAHy8YVY5M3goE9a3q9uZ73d7fdtuJwpTHCrVtTNMbc i3zAwAfUCFnofasG1zeIz0sMBJ1fKOPnACXNMFZVXdEfj4fAZJbvLjcoGbDoCFDQ D1N1kshXqtV6aOrfGBZjVKEt7Zgjt+hnfA8wBVea1tPyjS+lTY2/kTkx91bZqjy3 hdAeE5WJYWiktKbTOWqNrYTE/xqVrC3w9XSzIGKlRp+VMOUQBrnj8KDl0IjYHIFl QbGNqhFjdhM4Z92d24RupBT9zlQl0pRW/m0D9AZ6vL5+nBBo9i9IWEd77beoWDkw qZALUOZ5I/EUkDQQ7wYXlk2DRgagz/7lFWC17xcbo+PIMOXGB3poSkGjmPdYAfnF R9VI45ByqmWSk72K0jfyHb4aItuTssMHg73rugO4OMPh8dqzMG8= =mTwS -----END PGP SIGNATURE-----
--- End Message ---

