Your message dated Sat, 09 Jul 2022 11:47:43 +0100
with message-id
<2280fe8c78e64b02a6c1d04c6dde5a32e342ba81.ca...@adam-barratt.org.uk>
and subject line Closing requests for updates included in 11.4
has caused the Debian Bug report #1011198,
regarding bullseye-pu: package needrestart/3.5-4+deb11u2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1011198: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011198
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu
X-Debbugs-Cc: tho...@fiasko-nw.net
Hello,
we require a small update for stable of needrestart to fix #1005953
This update already includes the security update from yesterday (3.5-4+deb11u1),
to be on the safe side I attached the full debdiff (with the approved security
update).
[ Reason ]
It is required, because the initial changes were introduced with a systemd
update
[ Impact ]
Detection of restarts does not work as excepted in every case
[ Tests ]
Manual tested by myself, patch already in unstable/testing
[ Risks ]
No risk
[ Checklist ]
[x ] *all* changes are documented in the d/changelog
[x ] I reviewed all changes and I approve them
[x ] attach debdiff against the package in (old)stable
[x ] the issue is verified as fixed in unstable
diff -Naur tags/3.5-4/debian/changelog branches/bullseye/debian/changelog
--- tags/3.5-4/debian/changelog 2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/changelog 2022-05-18 08:34:23.358456321 +0200
@@ -1,3 +1,17 @@
+needrestart (3.5-4+deb11u2) bullseye; urgency=medium
+
+ * Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
+ Closes: #1005953
+
+ -- Patrick Matthäi <pmatth...@debian.org> Wed, 18 May 2022 08:32:47 +0200
+
+needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
+
+ * Add patch 08-anchor-interp-re to fix not anchored regular expressions.
+ This fixes CVE-2022-30688.
+
+ -- Patrick Matthäi <pmatth...@debian.org> Thu, 13 May 2022 10:50:07 +0200
+
needrestart (3.5-4) unstable; urgency=medium
* New source only upload.
diff -Naur tags/3.5-4/debian/patches/08-anchor-interp-re.diff
branches/bullseye/debian/patches/08-anchor-interp-re.diff
--- tags/3.5-4/debian/patches/08-anchor-interp-re.diff 1970-01-01
01:00:00.000000000 +0100
+++ branches/bullseye/debian/patches/08-anchor-interp-re.diff 2022-05-18
08:31:50.143457667 +0200
@@ -0,0 +1,42 @@
+# Upstream patch to fix not anchored regular expressions.
+
+diff --git a/perl/lib/NeedRestart/Interp/Perl.pm
b/perl/lib/NeedRestart/Interp/Perl.pm
+index 40aabb4..5031679 100644
+--- a/perl/lib/NeedRestart/Interp/Perl.pm
++++ b/perl/lib/NeedRestart/Interp/Perl.pm
+@@ -43,7 +43,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+- return 1 if($bin =~ m@/usr/(local/)?bin/perl@);
++ return 1 if($bin =~ m@^/usr/(local/)?bin/perl(5[.\d]*)?$@);
+
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Python.pm
b/perl/lib/NeedRestart/Interp/Python.pm
+index 559666c..a30121d 100644
+--- a/perl/lib/NeedRestart/Interp/Python.pm
++++ b/perl/lib/NeedRestart/Interp/Python.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+- return 1 if($bin =~ m@/usr/(local/)?bin/python@);
++ return 1 if($bin =~ m@^/usr/(local/)?bin/python([23][.\d]*)?$@);
+
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm
b/perl/lib/NeedRestart/Interp/Ruby.pm
+index d02973d..72920f3 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
++++ b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+
+- return 1 if($bin =~ m@/usr/(local/)?bin/ruby@);
++ return 1 if($bin =~ m@^/usr/(local/)?bin/ruby$@);
+
+ return 0;
+ }
+
diff -Naur tags/3.5-4/debian/patches/09-cgroupv2.diff
branches/bullseye/debian/patches/09-cgroupv2.diff
--- tags/3.5-4/debian/patches/09-cgroupv2.diff 1970-01-01 01:00:00.000000000
+0100
+++ branches/bullseye/debian/patches/09-cgroupv2.diff 2022-05-18
08:32:21.755251053 +0200
@@ -0,0 +1,24 @@
+From 29fcd57cd89a962bb94adbf116acd9a61036b6eb Mon Sep 17 00:00:00 2001
+From: Thomas Liske <tho...@fiasko-nw.net>
+Date: Mon, 16 May 2022 20:00:17 +0200
+Subject: [PATCH] [Core] Make cgroup detection for services and user sessions
+ cgroup v2 aware.
+
+closes #203, closes #213
+---
+ needrestart | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/needrestart b/needrestart
+index 6bf2e6b..bc690aa 100755
+--- a/needrestart
++++ b/needrestart
+@@ -648,7 +648,7 @@ if(defined($opt_l)) {
+ my ($rc) = map {
+ chomp;
+ my ($id, $type, $value) = split(/:/);
+- if($type ne q(name=systemd)) {
++ if($id != 0 && $type ne q(name=systemd)) {
+ ();
+ }
+ else {
diff -Naur tags/3.5-4/debian/patches/series
branches/bullseye/debian/patches/series
--- tags/3.5-4/debian/patches/series 2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/patches/series 2022-05-18 08:32:36.875152228
+0200
@@ -5,3 +5,5 @@
05-ignore-nvidia-memfd.diff
06-dont-restart-bluetooth.diff
07-runit.diff
+08-anchor-interp-re.diff
+09-cgroupv2.diff
--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 11.4
(re-sending with fixed bug numbers)
Hi,
The updates discussed in these bugs were included in today's bullseye
point release.
Regards,
Adam
--- End Message ---
