Package: needrestart Version: 2.10-1 Severity: serious needrestart uses the wrong Perl quote function for regexps in configuration file. It is using q but should be using qr (quote regexps). This means that all of the regexp options are potentially broken, but blacklist_mappings definitely is:
http://perldoc.perl.org/perlop.html#Quote-and-Quote-like-Operators http://perldoc.perl.org/perlop.html#Regexp-Quote-Like-Operators # checkrestart -v Found 0 processes using old versions of upgraded files # needrestart -v [main] eval /etc/needrestart/needrestart.conf [main] running in root-mode [Core] Using UI 'NeedRestart::UI::stdio'... [main] detected systemd ... [main] #27891 uses deleted /run/user/1000/orcexec.OVkLUB [main] #27891 is not a child ... [main] #27891 exe => /usr/bin/pulseaudio [main] #27891 part of user session: uid=1000 sess=17 ... User sessions running outdated binaries: pabs @ session #17: pulseaudio[27891] ... # lsof -p 27891 | grep orc pulseaudi 27891 pabs DEL REG 0,43 253423 /run/user/1000/orcexec.OVkLUB pulseaudi 27891 pabs mem REG 253,1 517176 26870717 /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 # grep orc /proc/27891/maps 7fe198010000-7fe198020000 rw-s 00000000 00:2b 253423 /run/user/1000/orcexec.OVkLUB (deleted) 7fe198020000-7fe198030000 r-xs 00000000 00:2b 253423 /run/user/1000/orcexec.OVkLUB (deleted) 7fe19b5eb000-7fe19b664000 r-xp 00000000 fd:01 26870717 /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 7fe19b664000-7fe19b863000 ---p 00079000 fd:01 26870717 /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 7fe19b863000-7fe19b865000 r--p 00078000 fd:01 26870717 /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 7fe19b865000-7fe19b869000 rw-p 0007a000 fd:01 26870717 /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 # grep -r orc /etc/needrestart/ /etc/needrestart/needrestart.conf: q(/orcexec\.[\w\d]+( \(deleted\))?$), # grep -P '/orcexec\.[\w\d]+( \(deleted\))?$' /proc/27891/maps 7fe198010000-7fe198020000 rw-s 00000000 00:2b 253423 /run/user/1000/orcexec.OVkLUB (deleted) 7fe198020000-7fe198030000 r-xs 00000000 00:2b 253423 /run/user/1000/orcexec.OVkLUB (deleted) # cat test.pl my %nrconf; my $pid = '27891'; $nrconf{blacklist_mappings_q} = [q(/orcexec\.[\w\d]+( \(deleted\))?$),]; $nrconf{blacklist_mappings_qr} = [qr(/orcexec\.[\w\d]+( \(deleted\))?$),]; if(open(HMAP, '<', "/proc/$pid/maps")) { while(<HMAP>) { chomp; my ($maddr, $mperm, $moffset, $mdev, $minode, $path) = split(/\s+/, $_, 6); if ($path =~ /orc/){ print "Path: $path"; print " blacklisted_q" if(scalar grep { $path =~ $_; } @{$nrconf{blacklist_mappings_q}}); print " blacklisted_qr" if(scalar grep { $path =~ $_; } @{$nrconf{blacklist_mappings_qr}}); print "\n"; } } } # perl test.pl Path: /run/user/1000/orcexec.OVkLUB (deleted) blacklisted_qr Path: /run/user/1000/orcexec.OVkLUB (deleted) blacklisted_qr Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 Path: /usr/lib/x86_64-linux-gnu/liborc-0.4.so.0.25.0 # sed -n /orc/p /etc/needrestart/needrestart.conf q(/orcexec\.[\w\d]+( \(deleted\))?$), # sed -i '/orc/s/q/qr/' /etc/needrestart/needrestart.conf # sed -n /orc/p /etc/needrestart/needrestart.conf qr(/orcexec\.[\w\d]+( \(deleted\))?$), # needrestart -v [main] eval /etc/needrestart/needrestart.conf [main] running in root-mode [Core] Using UI 'NeedRestart::UI::stdio'... [main] detected systemd ... No user sessions are running outdated binaries. -- System Information: Debian Release: stretch/sid APT prefers testing-debug APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.7.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages needrestart depends on: ii dpkg 1.18.10 ii gettext-base 0.19.8.1-1 ii libintl-perl 1.26-2 ii libmodule-find-perl 0.13-1 ii libmodule-scandeps-perl 1.22-1 ii libproc-processtable-perl 0.53-2 ii libsort-naturally-perl 1.03-1 ii libterm-readkey-perl 2.37-1 ii perl 5.24.1~rc3-3 ii xz-utils 5.2.2-1.2 needrestart recommends no packages. Versions of packages needrestart suggests: ii libnotify-bin 0.7.7-1 ii needrestart-session 0.3-2 -- no debconf information -- bye, pabs https://wiki.debian.org/PaulWise
signature.asc
Description: This is a digitally signed message part
