-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 Nov 2024 20:51:08 +0100
Source: needrestart
Architecture: source
Version: 3.6-4+deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Patrick Matthäi <pmatthaei@debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
needrestart (3.6-4+deb12u2) bookworm-security; urgency=high
.
* Non-maintainer upload by the Security Team.
* Address local privilege escalation vulnerabilities from any unprivileged
user to root (CVE-2024-48990, CVE-2024-48992, CVE-2024-48991,
CVE-2024-11003):
- core: prevent race condition on /proc/$PID/exec evaluation
- interp: do not set PYTHONPATH environment variable to prevent a LPE
- interp: do not set RUBYLIB environment variable to prevent a LPE
- interp: chdir into empty directory to prevent python parsing arbitrary
files
- interp: drop usage of Module::ScanDeps to prevent LPE
* debian/control: Drop Depends on libmodule-scandeps-perl
Checksums-Sha1:
2b4044db2b161d1ff770402d57855b07f92ed84e 2006 needrestart_3.6-4+deb12u2.dsc
16e30b8c5ca9fb164587c1a18cbcceec3afa9d40 71159 needrestart_3.6.orig.tar.gz
2b35646a3426465dca94c578a2165b24e106a4c7 15612 needrestart_3.6-4+deb12u2.debian.tar.xz
e953f449c26ab41b2d6b0262ebb9e155894af7c1 6244 needrestart_3.6-4+deb12u2_source.buildinfo
Checksums-Sha256:
5b85ae08bc76cb1fc06f4b58690f4b92c1350d2b2ce634bbe69b32572b8af224 2006 needrestart_3.6-4+deb12u2.dsc
3dced40d6116287b163da018d57014b0b7cee04794a95f8602126e2c296ed1a7 71159 needrestart_3.6.orig.tar.gz
3f2668474f5e20f596ff4e78ae328fb09fb2d3a6d9264d9a00d14308a7162046 15612 needrestart_3.6-4+deb12u2.debian.tar.xz
9db8c278888ec2d94898103b6d76549d448f08eeadfc2df16c085228c8953704 6244 needrestart_3.6-4+deb12u2_source.buildinfo
Files:
06ddb5552bc409af5fbe7fa882dd06a8 2006 admin optional needrestart_3.6-4+deb12u2.dsc
8ea62680286b44f7c1ffb8298ed99385 71159 admin optional needrestart_3.6.orig.tar.gz
82e4db042ff0c3377a70ecdc796bbc38 15612 admin optional needrestart_3.6-4+deb12u2.debian.tar.xz
04b8b7cfad60f1fd33865eba0f244b65 6244 admin optional needrestart_3.6-4+deb12u2_source.buildinfo
-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmc4xQhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EQwEP/jVyy+I12LylSfj8xQ6Slta8d2IGu65z q5ru+poGWijRrPy8my4SCfLhjIRVDz50sp1SYKi7XTMicJwmJGP5dTVq405jRTDu gfaUU40NvhI4pOrJHOo+FEGf0B4FECEqwlO42ks3rZgDKI2Xpar/z/e+OywVBAVw waLcxq4wYcbNyJ9kAUzLaUnl0PPDiLExGlKELlQG7W9n/iplaO6VhYGmh79hKdnD b0PA2ifxnJHmS+t0olJAUn847beOL956Gg1dguHikmPlpD2OK+32XMiLyOI2GDFu Gm9+/H+nxBdAGn2BvvzvigwHmB5+bIMklapkF19U3VJzHmbY8u5VSM53kX7LU9uI ptPzz7pe9TL+mlmZQM+zevUkwRqhLIDhRtQnuGEQ+kWGOpQR+/1KCI5Qj8aDY7Co 43aq9RwWZt9LzZ22c4jCIVxI0BqA57RWh7AnCpB3LGQ/cpdZdQiowQ7713sUsgi2 TVVLf/mujhlZgyiptdmfRxQVquuoLnbajHUaeWqbY+C0/8XhTar/q8wBLtlN9BOp LG1rF6cGGaKOw7oL7XKTEO0LcoXcvVj4PBglGCn1sCI0r0CCM7k/Y21WSzbkBDh0 Zt8jSmJBZbJNJpXZZ4Pkxj7IyJdwhw8A6qdrRKL0Rsj/jLRkaU5ATu/Z/JtOSTAO
ybUzSrc0o8yZ
=PWvy
-----END PGP SIGNATURE-----


--==============24747778635682772=Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----

iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZz9yXQAKCRCb9qggYcy5 IezLAQCvaB7WTGsPqNRWclnvtngATR4aGtAvl3VeGOvjAqoSigEA44JJdFlpyVTF F7uyosYEXfTd/4MaJwWrfdjz9LlNIwo=TJFo
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)