[ubuntu/plucky-proposed] needrestart 3.8-1ubuntu1 (Accepted)
Pragyansh Chaturvedi
pragyansh.chaturvedi at canonical.com
Thu Feb 20 10:04:16 UTC 2025
needrestart (3.8-1ubuntu1) plucky; urgency=medium
* Merge with Debian unstable (LP: #2091347)
* Drop changes:
- d/p/CVE-2024-48990.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-48991.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-48992.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-11003.patch: Fixed in 3.7-3.1
- d/p/lp2084571/*.patch: Fixed in 3.7
* Remaining changes:
- ubuntu-mode:
+ introduce a specific mode when running as APT hook
(LP #1987449, LP #2004203, LP #2055433, LP #2055437)
+ Don't touch /run/reboot-required on kernel updates
(LP #2065863, LP #2068543, LP #2068573)
+ Fix container handling (LP #2084571)
- make sure containers aren't restarted from APT
- Rest of the delta has been resolved upstream
+ Restore default behaviour wrt TTY detection
+ d/t:
- control: add missing libc6-dev dependency, mark tests
needing VM.
- explicitly set the debconf frontend.
- move tests to Tests instead of Test-Command
- deprecate APIs and runner performance
- guard against looping when failing
- move off deprecated python-tmux APIs (LP #2069591)
+ Add some inline documentation for the Ubuntu mode
(LP: #2068573)
- d/p/ubuntu-avoid-restart-cloud-final.patch: avoid automatic
restart of cloud-init systemd oneshot services when
cloud-init invokes apt-get dist-upgrade due to user-data
- Prevent needrestart restarting itself (LP #2067482)
- restart exceptions for google-guest-agent service, GH
runner provisioner, glusterd and keepalived
(LP #2063442, LP #2067800, LP: #2085070, LP: #2089155)
needrestart (3.8-1) unstable; urgency=medium
* Acknowledge all NMUs, thanks for taking care to everyone!
* Uploading to unstable.
needrestart (3.8-0.1) experimental; urgency=medium
* New upstream release (Closes: #1087882)
* Remove patches merged upstream
- 09-recognize-versioned-ruby-interpreter.diff
- 11-spelling-error.diff
- core-prevent-race-condition-on-proc-PID-exec-evaluat.patch
- interp-chdir-into-empty-directory-to-prevent-python-.patch
- interp-do-not-set-PYTHONPATH-environment-variable-to.patch
- interp-do-not-set-RUBYLIB-environment-variable-to-pr.patch
- interp-drop-usage-of-Module-ScanDeps-to-prevent-LPE.patch
* 08-uninitialized-vars-arm.diff kept, but rerolled, seems like upstream
had a different fix, might be unnecessary
needrestart (3.7-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Revisit "core: fix regression of false positives for processes running in
chroot or mountns" with final version upstream
needrestart (3.7-3.2) unstable; urgency=medium
* Non-maintainer upload.
* core: fix regression of false positives for processes running in chroot or
mountns (Closes: #1087918, #1088047, #1088012, #1087917, #1087958,
#1087957)
needrestart (3.7-3.1) unstable; urgency=high
* Non-maintainer upload.
* Address local privilege escalation vulnerabilities from any unprivileged
user to root (CVE-2024-48990, CVE-2024-48992, CVE-2024-48991,
CVE-2024-11003):
- core: prevent race condition on /proc/$PID/exec evaluation
- interp: do not set PYTHONPATH environment variable to prevent a LPE
- interp: do not set RUBYLIB environment variable to prevent a LPE
- interp: chdir into empty directory to prevent python parsing arbitrary
files
- interp: drop usage of Module::ScanDeps to prevent LPE
* debian/control: Drop Depends on libmodule-scandeps-perl
needrestart (3.7-3) unstable; urgency=medium
* Fix call of runuser in 400-notify-send.
Closes: #1079666
needrestart (3.7-2) unstable; urgency=medium
* Patch 02-bash-term-in-posix-shell is not required with 3.7 anymore.
Closes: #1078654
needrestart (3.7-1) unstable; urgency=medium
* New upstream release.
- Drop merged patches 04-vm-detection,
05-fix-AMD-ucode-checking-in-non-debug-mode,
06-uCode-fix-uninitialized-value-in-logging-of-processo and
07-mark-unavailable-firmware-as-CURRENT.
* Bump Standards-Version to 4.7.0.
* Adjust lintian overrides.
Date: Thu, 16 Jan 2025 01:18:11 +0530
Changed-By: Pragyansh Chaturvedi <pragyansh.chaturvedi at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Simon Chopin <simon.chopin at canonical.com>
https://launchpad.net/ubuntu/+source/needrestart/3.8-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 16 Jan 2025 01:18:11 +0530
Source: needrestart
Built-For-Profiles: noudeb
Architecture: source
Version: 3.8-1ubuntu1
Distribution: plucky
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Pragyansh Chaturvedi <pragyansh.chaturvedi at canonical.com>
Closes: 1078654 1079666 1087882 1087917 1087918 1087957 1087958 1088012 1088047
Launchpad-Bugs-Fixed: 2068573 2085070 2089155 2091347
Changes:
needrestart (3.8-1ubuntu1) plucky; urgency=medium
.
* Merge with Debian unstable (LP: #2091347)
* Drop changes:
- d/p/CVE-2024-48990.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-48991.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-48992.patch: Fixed in 3.7-3.1
- d/p/CVE-2024-11003.patch: Fixed in 3.7-3.1
- d/p/lp2084571/*.patch: Fixed in 3.7
* Remaining changes:
- ubuntu-mode:
+ introduce a specific mode when running as APT hook
(LP #1987449, LP #2004203, LP #2055433, LP #2055437)
+ Don't touch /run/reboot-required on kernel updates
(LP #2065863, LP #2068543, LP #2068573)
+ Fix container handling (LP #2084571)
- make sure containers aren't restarted from APT
- Rest of the delta has been resolved upstream
+ Restore default behaviour wrt TTY detection
+ d/t:
- control: add missing libc6-dev dependency, mark tests
needing VM.
- explicitly set the debconf frontend.
- move tests to Tests instead of Test-Command
- deprecate APIs and runner performance
- guard against looping when failing
- move off deprecated python-tmux APIs (LP #2069591)
+ Add some inline documentation for the Ubuntu mode
(LP: #2068573)
- d/p/ubuntu-avoid-restart-cloud-final.patch: avoid automatic
restart of cloud-init systemd oneshot services when
cloud-init invokes apt-get dist-upgrade due to user-data
- Prevent needrestart restarting itself (LP #2067482)
- restart exceptions for google-guest-agent service, GH
runner provisioner, glusterd and keepalived
(LP #2063442, LP #2067800, LP: #2085070, LP: #2089155)
.
needrestart (3.8-1) unstable; urgency=medium
.
* Acknowledge all NMUs, thanks for taking care to everyone!
* Uploading to unstable.
.
needrestart (3.8-0.1) experimental; urgency=medium
.
* New upstream release (Closes: #1087882)
* Remove patches merged upstream
- 09-recognize-versioned-ruby-interpreter.diff
- 11-spelling-error.diff
- core-prevent-race-condition-on-proc-PID-exec-evaluat.patch
- interp-chdir-into-empty-directory-to-prevent-python-.patch
- interp-do-not-set-PYTHONPATH-environment-variable-to.patch
- interp-do-not-set-RUBYLIB-environment-variable-to-pr.patch
- interp-drop-usage-of-Module-ScanDeps-to-prevent-LPE.patch
* 08-uninitialized-vars-arm.diff kept, but rerolled, seems like upstream
had a different fix, might be unnecessary
.
needrestart (3.7-3.3) unstable; urgency=medium
.
* Non-maintainer upload.
* Revisit "core: fix regression of false positives for processes running in
chroot or mountns" with final version upstream
.
needrestart (3.7-3.2) unstable; urgency=medium
.
* Non-maintainer upload.
* core: fix regression of false positives for processes running in chroot or
mountns (Closes: #1087918, #1088047, #1088012, #1087917, #1087958,
#1087957)
.
needrestart (3.7-3.1) unstable; urgency=high
.
* Non-maintainer upload.
* Address local privilege escalation vulnerabilities from any unprivileged
user to root (CVE-2024-48990, CVE-2024-48992, CVE-2024-48991,
CVE-2024-11003):
- core: prevent race condition on /proc/$PID/exec evaluation
- interp: do not set PYTHONPATH environment variable to prevent a LPE
- interp: do not set RUBYLIB environment variable to prevent a LPE
- interp: chdir into empty directory to prevent python parsing arbitrary
files
- interp: drop usage of Module::ScanDeps to prevent LPE
* debian/control: Drop Depends on libmodule-scandeps-perl
.
needrestart (3.7-3) unstable; urgency=medium
.
* Fix call of runuser in 400-notify-send.
Closes: #1079666
.
needrestart (3.7-2) unstable; urgency=medium
.
* Patch 02-bash-term-in-posix-shell is not required with 3.7 anymore.
Closes: #1078654
.
needrestart (3.7-1) unstable; urgency=medium
.
* New upstream release.
- Drop merged patches 04-vm-detection,
05-fix-AMD-ucode-checking-in-non-debug-mode,
06-uCode-fix-uninitialized-value-in-logging-of-processo and
07-mark-unavailable-firmware-as-CURRENT.
* Bump Standards-Version to 4.7.0.
* Adjust lintian overrides.
Checksums-Sha1:
9d76a88bff15e27191a9cfb8e9ebe6e10a983671 1798 needrestart_3.8-1ubuntu1.dsc
5ffa2b5617eb96e748b33fadf8e2ecbf9ec22fca 75562 needrestart_3.8.orig.tar.gz
1e217da67edc91f117e55fd33be3c43326cdbcef 22876 needrestart_3.8-1ubuntu1.debian.tar.xz
1c2a74abe3b16a3c028fbb651848170bd373e4b3 7096 needrestart_3.8-1ubuntu1_source.buildinfo
Checksums-Sha256:
32173f613417e5d980fd28b829a243090bf22ef6d32c7114ebbb3b2f5ef338d6 1798 needrestart_3.8-1ubuntu1.dsc
42664e0b1b98fef1e5e849118b9985ac951516c4d5eb24a7da15d058da647c90 75562 needrestart_3.8.orig.tar.gz
caec4a92e4addac5fad6e8b7b3dced29970be162acce147a6ee23a48b69ec2d4 22876 needrestart_3.8-1ubuntu1.debian.tar.xz
f441dff1d9d726852b1ad74d0a0e116b74d18a0cc10aa00580fe9b69944a5f5e 7096 needrestart_3.8-1ubuntu1_source.buildinfo
Files:
f4d05b12e4308aaca14f1fa6eda661e2 1798 admin optional needrestart_3.8-1ubuntu1.dsc
3d317af21fd7492a8f5965df9099ff78 75562 admin optional needrestart_3.8.orig.tar.gz
21bad6f29e5ec641d294e775549cf8c6 22876 admin optional needrestart_3.8-1ubuntu1.debian.tar.xz
9652ef55b2ece737f02034fdff8cc454 7096 admin optional needrestart_3.8-1ubuntu1_source.buildinfo
Original-Maintainer: Patrick Matthäi <pmatthaei at debian.org>
Vcs-Git: https://git.launchpad.net/~schopin/ubuntu/+source/needrestart
Vcs-Git-Commit: 3a1839e35000c68f87c960308f84619cbaf57fd7
Vcs-Git-Ref: refs/heads/merge-lp2091347-plucky
More information about the plucky-changes
mailing list