subject:"Bug#1011198\\\\\\\: bullseye\\\\\\\-pu\\\\\\\: package needrestart\\\\\\\/3.5\\\\\\\-4\\\\\\\+deb11u2"

Bug#1011198: bullseye-pu: package needrestart/3.5-4+deb11u2

2022-05-28 Thread Adam D. Barratt

Control: tags -1 + confirmed

On Wed, 2022-05-18 at 08:47 +0200, Patrick Matthäi wrote:
> we require a small update for stable of needrestart to fix #1005953
> This update already includes the security update from yesterday (3.5-
> 4+deb11u1),
> to be on the safe side I attached the full debdiff (with the approved
> security update).
> 

For reference, a diff against the security update would have been fine.

> [ Reason ]
> It is required, because the initial changes were introduced with a
> systemd
> update
> 
> [ Impact ]
> Detection of restarts does not work as excepted in every case
> 

Please go ahead.

Regards,

Adam

Bug#1011198: bullseye-pu: package needrestart/3.5-4+deb11u2

2022-05-18 Thread Patrick Matthäi

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: tho...@fiasko-nw.net

Hello,
we require a small update for stable of needrestart to fix #1005953
This update already includes the security update from yesterday (3.5-4+deb11u1),
to be on the safe side I attached the full debdiff (with the approved security 
update).

[ Reason ]
It is required, because the initial changes were introduced with a systemd
update

[ Impact ]
Detection of restarts does not work as excepted in every case

[ Tests ]
Manual tested by myself, patch already in unstable/testing

[ Risks ]
No risk

[ Checklist ]
  [x ] *all* changes are documented in the d/changelog
  [x ] I reviewed all changes and I approve them
  [x ] attach debdiff against the package in (old)stable
  [x ] the issue is verified as fixed in unstable
diff -Naur tags/3.5-4/debian/changelog branches/bullseye/debian/changelog
--- tags/3.5-4/debian/changelog 2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/changelog  2022-05-18 08:34:23.358456321 +0200
@@ -1,3 +1,17 @@
+needrestart (3.5-4+deb11u2) bullseye; urgency=medium
+
+  * Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
+Closes: #1005953
+
+ -- Patrick Matthäi   Wed, 18 May 2022 08:32:47 +0200
+
+needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
+
+  * Add patch 08-anchor-interp-re to fix not anchored regular expressions.
+This fixes CVE-2022-30688.
+
+ -- Patrick Matthäi   Thu, 13 May 2022 10:50:07 +0200
+
 needrestart (3.5-4) unstable; urgency=medium
 
   * New source only upload.
diff -Naur tags/3.5-4/debian/patches/08-anchor-interp-re.diff 
branches/bullseye/debian/patches/08-anchor-interp-re.diff
--- tags/3.5-4/debian/patches/08-anchor-interp-re.diff  1970-01-01 
01:00:00.0 +0100
+++ branches/bullseye/debian/patches/08-anchor-interp-re.diff   2022-05-18 
08:31:50.143457667 +0200
@@ -0,0 +1,42 @@
+# Upstream patch to fix not anchored regular expressions.
+
+diff --git a/perl/lib/NeedRestart/Interp/Perl.pm 
b/perl/lib/NeedRestart/Interp/Perl.pm
+index 40aabb4..5031679 100644
+--- a/perl/lib/NeedRestart/Interp/Perl.pm
 b/perl/lib/NeedRestart/Interp/Perl.pm
+@@ -43,7 +43,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+ 
+-return 1 if($bin =~ m@/usr/(local/)?bin/perl@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/perl(5[.\d]*)?$@);
+ 
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Python.pm 
b/perl/lib/NeedRestart/Interp/Python.pm
+index 559666c..a30121d 100644
+--- a/perl/lib/NeedRestart/Interp/Python.pm
 b/perl/lib/NeedRestart/Interp/Python.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+ 
+-return 1 if($bin =~ m@/usr/(local/)?bin/python@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/python([23][.\d]*)?$@);
+ 
+ return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm 
b/perl/lib/NeedRestart/Interp/Ruby.pm
+index d02973d..72920f3 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
 b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -42,7 +42,7 @@ sub isa {
+ my $pid = shift;
+ my $bin = shift;
+ 
+-return 1 if($bin =~ m@/usr/(local/)?bin/ruby@);
++return 1 if($bin =~ m@^/usr/(local/)?bin/ruby$@);
+ 
+ return 0;
+ }
+
diff -Naur tags/3.5-4/debian/patches/09-cgroupv2.diff 
branches/bullseye/debian/patches/09-cgroupv2.diff
--- tags/3.5-4/debian/patches/09-cgroupv2.diff  1970-01-01 01:00:00.0 
+0100
+++ branches/bullseye/debian/patches/09-cgroupv2.diff   2022-05-18 
08:32:21.755251053 +0200
@@ -0,0 +1,24 @@
+From 29fcd57cd89a962bb94adbf116acd9a61036b6eb Mon Sep 17 00:00:00 2001
+From: Thomas Liske 
+Date: Mon, 16 May 2022 20:00:17 +0200
+Subject: [PATCH] [Core] Make cgroup detection for services and user sessions
+ cgroup v2 aware.
+
+closes #203, closes #213
+---
+ needrestart | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/needrestart b/needrestart
+index 6bf2e6b..bc690aa 100755
+--- a/needrestart
 b/needrestart
+@@ -648,7 +648,7 @@ if(defined($opt_l)) {
+   my ($rc) = map {
+   chomp;
+   my ($id, $type, $value) = split(/:/);
+-  if($type ne q(name=systemd)) {
++  if($id != 0 && $type ne q(name=systemd)) {
+   ();
+   }
+   else {
diff -Naur tags/3.5-4/debian/patches/series 
branches/bullseye/debian/patches/series
--- tags/3.5-4/debian/patches/series2021-04-12 10:08:42.636804816 +0200
+++ branches/bullseye/debian/patches/series 2022-05-18 08:32:36.875152228 
+0200
@@ -5,3 +5,5 @@
 05-ignore-nvidia-memfd.diff
 06-dont-restart-bluetooth.diff
 07-runit.diff
+08-anchor-interp-re.diff
+09-cgroupv2.diff

Bug#1011198: bullseye-pu: package needrestart/3.5-4+deb11u2

Bug#1011198: bullseye-pu: package needrestart/3.5-4+deb11u2

2 matches

Site Navigation

Mail list logo

Footer information