Format: 1.8
Date: Tue, 12 Nov 2024 20:51:08 +0100
Source: needrestart
Architecture: source
Version: 3.6-4+deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Patrick Matthäi
Changed-By: Salvatore Bonaccorso
Changes:
 needrestart (3.6-4+deb12u2) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Address local privilege escalation vulnerabilities from any
     unprivileged user to root (CVE-2024-48990, CVE-2024-48992,
     CVE-2024-48991, CVE-2024-11003):
     - core: prevent race condition on /proc/$PID/exec evaluation
     - interp: do not set PYTHONPATH environment variable to prevent a LPE
     - interp: do not set RUBYLIB environment variable to prevent a LPE
     - interp: chdir into empty directory to prevent python parsing
       arbitrary files
     - interp: drop usage of Module::ScanDeps to prevent LPE
   * debian/control: Drop Depends on libmodule-scandeps-perl