needrestart (3.6-4+deb12u3) bookworm-security; urgency=high
* Non-maintainer upload by the Security Team.
* core: fix regression of false positives for processes running in chroot or
mountns (Closes: #1087918, #1088047, #1088012, #1087917, #1087958,
#1087957)
-- Salvatore Bonaccorso <carnil@debian.org> Mon, 02 Dec 2024 20:52:03 +0100
needrestart (3.6-4+deb12u2) bookworm-security; urgency=high
* Non-maintainer upload by the Security Team.
* Address local privilege escalation vulnerabilities from any unprivileged
user to root (CVE-2024-48990, CVE-2024-48992, CVE-2024-48991,
CVE-2024-11003):
- core: prevent race condition on /proc/$PID/exec evaluation
- interp: do not set PYTHONPATH environment variable to prevent a LPE
- interp: do not set RUBYLIB environment variable to prevent a LPE
- interp: chdir into empty directory to prevent python parsing arbitrary
files
- interp: drop usage of Module::ScanDeps to prevent LPE
* debian/control: Drop Depends on libmodule-scandeps-perl
-- Salvatore Bonaccorso <carnil@debian.org> Tue, 12 Nov 2024 20:51:08 +0100
needrestart (3.6-4+deb12u1) bookworm; urgency=medium
* fix microcode check regression on AMD CPUs (Closes: #1013285)
-- Antoine Beaupré <anarcat@debian.org> Wed, 15 Nov 2023 15:05:37 -0500
needrestart (3.6-4) unstable; urgency=medium
* Remove leftover conffile 30-pacman with 3.6-4.
Closes: #1036526
* Add patch 03-ignore-serial-getty from Helmut Grohne to ignore serial-getty.
Closes: #1035721
* Add upstream patch 04-vm-detection to fix a typo, which prevents the VM and
microcode detection.
Closes: #1026026
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 31 May 2023 16:47:03 +0200
needrestart (3.6-3) unstable; urgency=medium
* Adjust debian/watch to work again with GitHub.
* Bump Standards-Version to 4.6.2.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 12 Jan 2023 11:08:33 +0100
needrestart (3.6-2) unstable; urgency=medium
* Merge 3.5-4+deb11u2 changelog.
* Adjust renamed lintian tag name in override.
* Add patch 02-bash-term-in-posix-shell to fix a bashism.
* Adjust lintian overrides.
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 14 Sep 2022 14:37:50 +0200
needrestart (3.6-1) unstable; urgency=high
* New upstream release.
- Drop merged patch 02-ruby-relative-path.
- Drop merged patch 03-fix-wrong-default-comment.
- Drop merged patch 04-verbose-and-verbosity-confusion.
- Drop merged patch 05-ignore-nvidia-memfd.
- Drop merged patch 06-dont-restart-bluetooth.
- Drop merged patch 07-runit.
- Fixes CVE-2022-30688: Not anchored regular expressions.
- Replace strings(1) by GNU grep to drop binutils dependency.
Closes: #986507
- Fixes broken detection with cgroupv2.
Closes: #1005953
- Fixes microcode warnings without using systemd, also add systemd or
libimvirt-perl as recommends.
Closes: #984789
* Bump Standards-Version to 4.6.1.
* Merge 3.4-5+deb10u1 and 3.5-4+deb11u1 changelog.
* Adjust mismatched lintian override.
-- Patrick Matthäi <pmatthaei@debian.org> Tue, 17 May 2022 17:38:05 +0200
needrestart (3.5-5) unstable; urgency=medium
* Add patch from Lukasz Zemczak to add and basic autopkgtest.
Closes: #810584
* Bump Standards-Version to 4.6.0.
* Remove again pacman hook configfile.
Closes: #994407
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 14 Oct 2021 14:23:58 +0200
needrestart (3.5-4+deb11u2) bullseye; urgency=medium
* Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
Closes: #1005953
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 18 May 2022 08:32:47 +0200
needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
* Add patch 08-anchor-interp-re to fix not anchored regular expressions.
This fixes CVE-2022-30688.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 13 May 2022 10:50:07 +0200
needrestart (3.5-4) unstable; urgency=medium
* New source only upload.
-- Patrick Matthäi <pmatthaei@debian.org> Mon, 12 Apr 2021 10:04:21 +0200
needrestart (3.5-3) unstable; urgency=medium
* debian/watch: Adjust github URL.
* Add stable upstream patch 02-ruby-relative-path to fix detection for ruby
script started from relative paths.
* Add stable upstream patch 03-fix-wrong-default-comment to fix comment for
default value of skip_mapfiles.
* Add stable upstream patch 04-verbose-and-verbosity-confusion to fix
verbose/verbosity confusion in needrestart.conf.
* Add stable upstream patch 05-ignore-nvidia-memfd to ignore memfd used by
nvidia binary drivers.
* Add stable upstream patch 06-dont-restart-bluetooth to ignore restarting
bluetooth by default.
* Add stable upstream patch 07-runit to add support for runit.
Closes: #972685
-- Patrick Matthäi <pmatthaei@debian.org> Fri, 09 Apr 2021 11:17:52 +0200
needrestart (3.5-2) unstable; urgency=medium
* Adjust lintian overrides.
* Bump Standards-Version to 4.5.1.
* Bump debhelper-compat to level 13.
* Update debian/watch file standard to version 4.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 19 Nov 2020 14:59:15 +0100
needrestart (3.5-1) unstable; urgency=medium
* New upstream release.
- Drop merged patch 02-ignore-networking.
- Drop merged patch 03-typo-env-var.
- Drop merged patch 04-restore-cwd.
- Drop merged patch 05-strip-leading-zeroes.
- Check for pending AMD microcode updates.
Closes: #886611
- Ignore mapped files in temporary directories.
Closes: #925408
- Negative repeat count does nothing.
Closes: #942759
* Install new configuration files.
* Overwrite lintian warning executable-in-usr-lib.
-- Patrick Matthäi <pmatthaei@debian.org> Tue, 31 Mar 2020 11:24:03 +0200
needrestart (3.4-6) unstable; urgency=medium
* Bump Standards-Version to 4.5.0.
* Use the new debhelper-compat notation, and drop the d/compat file.
* Adjust source lintian-overrides.
* Set Rules-Requires-Root: no.
* Adjust lintian overrides.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 23 Jan 2020 16:33:08 +0100
needrestart (3.4-5+deb10u1) buster-security; urgency=high
* Add patch 08-anchor-interp-re to fix not anchored regular expressions.
This fixes CVE-2022-30688.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 13 May 2022 10:47:27 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog needrestart`.
Generated by dwww version 1.15 on Sat Aug 30 03:31:35 CEST 2025.