needrestart (3.6-7ubuntu4.5) noble-security; urgency=medium
* SECURITY REGRESSION: false positives for killing processes in LXC
(LP: #2089193)
- debian/patches/lp2091096/0021-fix-lxc-fp.patch: use the value of exe
to check for obsolete processes when exec is undefined
-- Sudhakar Verma <sudhakar.verma@canonical.com> Thu, 05 Dec 2024 17:23:51 +0530
needrestart (3.6-7ubuntu4.4) noble-security; urgency=medium
* SECURITY REGRESSION: false positives for killing processes (LP: #2089193)
- debian/patches/lp2089193/0020-fix-chroot-mountns-fp.patch: ignore check
for obsolete processes in chrooted or containerized processes
-- Sudhakar Verma <sudhakar.verma@canonical.com> Tue, 26 Nov 2024 10:44:57 +0530
needrestart (3.6-7ubuntu4.3) noble-security; urgency=medium
* SECURITY UPDATE: incorrect usage of PYTHONPATH environment variable
- debian/patches/CVE-2024-48990.patch: chdir to a clean directory
to avoid loading arbirary objects, sanitize PYTHONPATH before
spawning a new python interpreter
- CVE-2024-48990
* SECURITY UPDATE: race condition for checking path to python
- debian/patches/CVE-2024-48991.patch: sync path for both check
and usage for python interpreter
- CVE-2024-48991
* SECURITY UPDATE: incorrect usage of RUBYLIB environment variable
- debian/patches/CVE-2024-48992.patch: chdir to a clean directory
to avoid loading arbirary objects, sanitize RUBYLIB before
spawning a new ruby interpreter
- CVE-2024-48992
* SECURITY UPDATE: incorrect usage of Perl ScanDeps
- debian/patches/CVE-2024-11003.patch: remove usage of ScanDeps
to avoid parsing arbitrary code
- CVE-2024-11003
-- Sudhakar Verma <sudhakar.verma@canonical.com> Thu, 14 Nov 2024 14:59:09 +0530
needrestart (3.6-7ubuntu4.2) noble; urgency=medium
* Fix container handling (LP: #2084571)
- d/p/ubuntu-mode.patch: make sure containers aren't restarted from APT
- d/p/lp2084571/0019-container-fix-always-ignoring-lxc-lxd-instances-regr.patch:
cherry-picked fix from upstream.
-- Simon Chopin <schopin@ubuntu.com> Tue, 15 Oct 2024 18:12:58 +0200
needrestart (3.6-7ubuntu4.1) noble; urgency=medium
* Prevent needrestart restarting itself (LP: #2067482)
* d/p/ubuntu-mode.patch: Don't touch /run/reboot-required on kernel updates
(LP: #2065863)
* Ubuntu mode: disable it if restart mode has been explicitly set
(LP: #2068543)
* Add some inline documentation for the Ubuntu mode (LP: #2068573)
* Don't restart the google-guest-agent service (LP: #2063442)
-- Simon Chopin <schopin@ubuntu.com> Fri, 14 Jun 2024 15:37:30 +0200
needrestart (3.6-7ubuntu4) noble; urgency=medium
* d/p/ubuntu-avoid-restart-cloud-final.patch:
- avoid automatic restart of cloud-init systemd oneshot services when
cloud-init invokes apt-get dist-upgrade due to user-data (LP: #2059337)
-- Chad Smith <chad.smith@canonical.com> Wed, 27 Mar 2024 16:51:58 -0600
needrestart (3.6-7ubuntu3) noble; urgency=medium
* debian/tests:
- prompt-reboot: mark the tests as needing a VM since needrestart doesn't
do kernel detection when within a container
- *.py: migrate off some deprecated libtmux APIs
- *.py: make tests less sensible to performance issues on the runners
-- Simon Chopin <schopin@ubuntu.com> Fri, 08 Mar 2024 16:01:08 +0100
needrestart (3.6-7ubuntu2) noble; urgency=medium
* Restore default behaviour wrt TTY detection.
We're overriding it anyway later on in Ubuntu mode by default, unless a
UI is explicitly given.
* d/t/control: add missing libc6-dev dependency.
We're building a small C helper to mock out uname(), and of course it
needs the glibc headers available.
* d/t: explicitly set the debconf frontend.
autopkgtests set the frontend to noninteractive, but we actually want to
test what happens with the default frontend to check that the flow
doesn't get interrupted.
-- Simon Chopin <schopin@ubuntu.com> Wed, 06 Mar 2024 14:41:27 +0100
needrestart (3.6-7ubuntu1) noble; urgency=medium
* d/p/ubuntu-mode.patch: introduce a specific mode when running as APT hook.
By default we want needrestart to be quieter, restart services that need
it, and use the standard protocol to notify that a reboot is required.
(LP: #1987449, LP: #2004203, LP: #2055433, LP: #2055437)
-- Simon Chopin <schopin@ubuntu.com> Thu, 29 Feb 2024 17:27:07 +0100
needrestart (3.6-7) unstable; urgency=high
* Add patch 07-mark-unavailable-firmware-as-CURRENT to report missing
firmware support as current.
Closes: #1013285
-- Patrick Matthäi <pmatthaei@debian.org> Tue, 12 Dec 2023 15:37:14 +0100
needrestart (3.6-6) unstable; urgency=high
* Add upstream patch 05-fix-AMD-ucode-checking-in-non-debug-mode and
06-uCode-fix-uninitialized-value-in-logging-of-processo to fix the check of
microprocessor upgrades. Thanks to Antoine Beaupré!
Closes: #1013285
-- Patrick Matthäi <pmatthaei@debian.org> Mon, 20 Nov 2023 09:46:59 +0100
needrestart (3.6-5) unstable; urgency=medium
* Remove obsolete NEWS file.
* Merge 3.5-4+deb11u3 changelog.
* Remove dependency on binutils.
Closes: #1038621
-- Patrick Matthäi <pmatthaei@debian.org> Sun, 02 Jul 2023 16:26:12 +0200
needrestart (3.6-4) unstable; urgency=medium
* Remove leftover conffile 30-pacman with 3.6-4.
Closes: #1036526
* Add patch 03-ignore-serial-getty from Helmut Grohne to ignore serial-getty.
Closes: #1035721
* Add upstream patch 04-vm-detection to fix a typo, which prevents the VM and
microcode detection.
Closes: #1026026
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 31 May 2023 16:47:03 +0200
needrestart (3.6-3) unstable; urgency=medium
* Adjust debian/watch to work again with GitHub.
* Bump Standards-Version to 4.6.2.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 12 Jan 2023 11:08:33 +0100
needrestart (3.6-2) unstable; urgency=medium
* Merge 3.5-4+deb11u2 changelog.
* Adjust renamed lintian tag name in override.
* Add patch 02-bash-term-in-posix-shell to fix a bashism.
* Adjust lintian overrides.
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 14 Sep 2022 14:37:50 +0200
needrestart (3.6-1) unstable; urgency=high
* New upstream release.
- Drop merged patch 02-ruby-relative-path.
- Drop merged patch 03-fix-wrong-default-comment.
- Drop merged patch 04-verbose-and-verbosity-confusion.
- Drop merged patch 05-ignore-nvidia-memfd.
- Drop merged patch 06-dont-restart-bluetooth.
- Drop merged patch 07-runit.
- Fixes CVE-2022-30688: Not anchored regular expressions.
- Replace strings(1) by GNU grep to drop binutils dependency.
Closes: #986507
- Fixes broken detection with cgroupv2.
Closes: #1005953
- Fixes microcode warnings without using systemd, also add systemd or
libimvirt-perl as recommends.
Closes: #984789
* Bump Standards-Version to 4.6.1.
* Merge 3.4-5+deb10u1 and 3.5-4+deb11u1 changelog.
* Adjust mismatched lintian override.
-- Patrick Matthäi <pmatthaei@debian.org> Tue, 17 May 2022 17:38:05 +0200
needrestart (3.5-5) unstable; urgency=medium
* Add patch from Lukasz Zemczak to add and basic autopkgtest.
Closes: #810584
* Bump Standards-Version to 4.6.0.
* Remove again pacman hook configfile.
Closes: #994407
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 14 Oct 2021 14:23:58 +0200
needrestart (3.5-4+deb11u3) bullseye; urgency=medium
* Add patch 10-amd-reporting from George Robbert to fix a Perl warning on
AMD64 systems.
Closes: #1026927
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 08 Feb 2023 12:20:03 +0100
needrestart (3.5-4+deb11u2) bullseye; urgency=medium
* Add upstream patch 09-cgroupv2 to fix broken detection with cgroupv2.
Closes: #1005953
-- Patrick Matthäi <pmatthaei@debian.org> Wed, 18 May 2022 08:32:47 +0200
needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
* Add patch 08-anchor-interp-re to fix not anchored regular expressions.
This fixes CVE-2022-30688.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 13 May 2022 10:50:07 +0200
needrestart (3.5-4) unstable; urgency=medium
* New source only upload.
-- Patrick Matthäi <pmatthaei@debian.org> Mon, 12 Apr 2021 10:04:21 +0200
needrestart (3.5-3) unstable; urgency=medium
* debian/watch: Adjust github URL.
* Add stable upstream patch 02-ruby-relative-path to fix detection for ruby
script started from relative paths.
* Add stable upstream patch 03-fix-wrong-default-comment to fix comment for
default value of skip_mapfiles.
* Add stable upstream patch 04-verbose-and-verbosity-confusion to fix
verbose/verbosity confusion in needrestart.conf.
* Add stable upstream patch 05-ignore-nvidia-memfd to ignore memfd used by
nvidia binary drivers.
* Add stable upstream patch 06-dont-restart-bluetooth to ignore restarting
bluetooth by default.
* Add stable upstream patch 07-runit to add support for runit.
Closes: #972685
-- Patrick Matthäi <pmatthaei@debian.org> Fri, 09 Apr 2021 11:17:52 +0200
needrestart (3.5-2) unstable; urgency=medium
* Adjust lintian overrides.
* Bump Standards-Version to 4.5.1.
* Bump debhelper-compat to level 13.
* Update debian/watch file standard to version 4.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 19 Nov 2020 14:59:15 +0100
needrestart (3.5-1) unstable; urgency=medium
* New upstream release.
- Drop merged patch 02-ignore-networking.
- Drop merged patch 03-typo-env-var.
- Drop merged patch 04-restore-cwd.
- Drop merged patch 05-strip-leading-zeroes.
- Check for pending AMD microcode updates.
Closes: #886611
- Ignore mapped files in temporary directories.
Closes: #925408
- Negative repeat count does nothing.
Closes: #942759
* Install new configuration files.
* Overwrite lintian warning executable-in-usr-lib.
-- Patrick Matthäi <pmatthaei@debian.org> Tue, 31 Mar 2020 11:24:03 +0200
needrestart (3.4-6) unstable; urgency=medium
* Bump Standards-Version to 4.5.0.
* Use the new debhelper-compat notation, and drop the d/compat file.
* Adjust source lintian-overrides.
* Set Rules-Requires-Root: no.
* Adjust lintian overrides.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 23 Jan 2020 16:33:08 +0100
needrestart (3.4-5+deb10u1) buster-security; urgency=high
* Add patch 08-anchor-interp-re to fix not anchored regular expressions.
This fixes CVE-2022-30688.
-- Patrick Matthäi <pmatthaei@debian.org> Thu, 13 May 2022 10:47:27 +0200
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog needrestart`.
Generated by dwww version 1.16 on Sat Dec 13 16:25:48 CET 2025.