3.7

Features

• [Interp] Add optional persistent cache support for perl scanning.
  (github pull request #282 by Jean-Marc Saffroy @saffroy)
• [Core] Add OpenMetrics time series output.
  (github pull request #308 by Gabriel Filion @lelutin)

Changes

• [Core] Replace which by command -v.
  (github pull request #254 by @a1346054)
• [Core] Ignore USBGuard.
  (github pull request #257 by Christoph Anton Mitterer @calestyo)
• [Core] Do not ignore dhclient but prevent restart ifup automaticly.
  (github pull request #262 by @anarcat)
• [Core] Add greetd to the list of restart exclusions.
  (github pull request #266 by Iván Zaera @ivan-zaera)
• [Core] Support dbus replacements.
  (github pull request #276 by @Vladimir-csp)
• [Core] Apply override_rc deterministically.
  (github pull request #280 by Corey Hickey @bugfood)
• [uCode] Test vendor id before check for Intel ucode.
  (github pull request #284 by FRITZ|FRITZ @fritz-fritz)
• [uCode] Fix AMD ucode checking in non-debug mode.
  (github pull request #288 by @anarcat)
• [uCode] Mark unavailable ucode as CURRENT.
  (github pull request #290 by @anarcat)
• [Kernel] Increase read size for version strings.
  (github pull request #293 by @jaycci)
• [README] Add RPi5 details.
  (github pull request #298 by @Opa-)
• [README] Add RPi1 details.
  (github pull request #304 by @juadde)
• [uCode] Add an option to print uCode hints w/o acknowledgement.
  (github pull request #307 by Adam @adsr)

Fixes

• [README] Prevent shell expansion in example.
  (github pull request #252 by David Taylor @dtaylor84)
• [Core] Fix VM detection regression introduced in f54d85c.
  (github pull request #248 by @zxyrepf)
• [uCode] Fix uninitialized value regression.
  (github pull request #273 by Stefan Bühler @stbuehler)
• [uCode] Fix AMD uCode check in non-debug mode.
  (github pull request #278 by Jan-Philipp Litza @jplitza)
• [CONT] Fix always ignoring lxc/lxd instances.
  (github issue #245 by Mitsuya Shibata @m-shibata)
• [Core] Fix shellcheck issues.
  (github issue #300 by Eisuke Kawashima @e-kwsm)
• [Kernel] Fix kernel version detection for kernel images >= 6.0.
  (github issue #245 by Stefan Bühler @tik-stbuehler)

v3.6

Security

• [Interp] CVE-2022-30688: Anchor interpreter regex to prevent local privilege escalation.
  (responsibly reported by Jakub Wilk)
  DSA 5137-1 | USN-5426-1

Features

• [Core] Add support for runit.
  (Debian Bug#972685 by Lorenzo Puliti [email protected])
• [VM] Add support to detect outdated VM processes (i.e. qemu).
  (github pull request #216 by )Christian Ehrhardt @cpaelzer)

Changes

• [Cont] Improve LXD container support.
  (github pull request #188 by James TD Smith @ahktenzero)
• [Cont] Update cgroup regex for LXC 4.0.
  (github pull request #215 by James TD Smith @ahktenzero)
• [Cont] Support cgroup v2 for docker.
  (github pull request #234 by Markus Frosch @lazyfrosch)
• [Cont] Support cgroup v2 for LXC/LXD.
  (github pull request #238 by Trent Lloyd @lathiat)
• [Core] Support cgroup v2 for services and user sessions.
• [Core] Support systemd manager restart on Ubuntu 20.04+.
  (github pull request #195 by Lars Kollstedt @LarsKollstedt)
• [Core] Do not restart bluetooth.service by default.
  (github pull request #209 by Erik Tews @eriktews)
• [Core] Do not restart elogind by default.
  (github issue #205 by @HumanG33k)
• [Core] Output user sessions in batch mode.
  (github pull request #232 by @anarcat)
• [Core] Use ImVirt for virtualization detection if not running on systemd.
  (Debian Bug#984789 by Patrik Schindler [email protected])
• [Interp] Add tolerance when checking script file ctimes to avoid false positives.
  (github pull request #233 by Corey Hickey @bugfood)
• [Kernel] Replace strings(1) by GNU grep to drop binutils dependency.
  (Debian Bug#986507 by Trent W. Buck [email protected])

Fixes

• [Core] Fix comment for default value of skip_mapfiles.
  (github pull request #179 by @iasdeoupxe)
• [Interp] Fix detection for ruby script started from relative paths.
  (github pull request #182 by Alexander Neumann @rtpt-alex)
• [Core] Fix typos.
  (github pull request #189 by @wwuck)
  (github pull request #193 by Stefan Weil @stweil)
• [Core] Fix verbose/verbosity confusion in needrestart.conf.
  (github pull request #197 by Jan-Philipp Litza @jplitza)
• [Core] Ignore memfd files like used by nvidia's binary drivers.
  (github pull request #200 by Jan Visser @starquake)
• [Core] Ignore all memfd mappings.
  (Debian Bug#972685 by Michail Bachmann [email protected])
• [Core] Ignore Java Native Access mappings.
  (github issue #142 by @nirgal)
  (github issue #185 by Ivan Zaera @izaera)
• [Core] nagios: Do not print perfdata data in unkown state.
  (github pull request #222 by Lorenz @RincewindsHat)
• [uCode] Fix 'uninitialized value' on AMD.
  (github pull request #226 by Christian Garbs @mmitch)

Misc

• Minor cleanups (whitespaces, shellcheck, ...).
  (github pull request #217 by @a1346054)
• Update README.batch.md.
  (github pull request #219 by Stavros Ntentos @stdedos)
• Add icinga2 example config.
  (github pull request #223 by Lorenz @RincewindsHat)
• [uCode] Fix lsinitrd example.
  (github pull request #240 by Corey Hickey @bugfood)

Full Changelog: v3.5...v3.6

3.5

Features

• [uCode] Check for pending AMD microcode updates (experimental).
  (Debian Bug#886611 by Paul Wise [email protected])
  (github issue #150 by Tom Reynolds @tomreyn and Mark Wagie @yochananmarqos)

Changes

• [Core] Add network.service to blacklist.
  (github pull request #145 by Marc Dequènes (Duck) @duck-rh)
• [uCode] Check microcode revision of each individual CPUs.
• [Kernel] Support kernel image filename filtering required for Raspbian.
  (github issue #146 by @takichikawa)
  (github issue #155 by Fenhl @fenhl and Christian @git-developer)
• [uCode] Support local override for iucode_tool call.
  (github issue #148 by @mphilipps and Marc Dequènes (Duck) @duck-rh)
• [notify] Add app name to notify-send call.
  (github issue #76 by @Vladimir-csp)

Fixes

• [Core] Do not restart networking.service.
  (Debian Bug#922725 by Timo Sigurdsson [email protected]).
• [Core] Fix typo in man page for env variable DEBIAN_FRONT(END).
  (Debian Bug#922864 by Lee Garrett [email protected])
  (Debian Bug#923853 by Petter Reinholdtsen [email protected])
• [Interp] Restore cwd when skipping processes with unavailable cwd.
  (github issue #147 by Stavros Ntentos @stdedos)
• [Core] Remove leading zero before testing in map_files.
  (Debian Bug#928225 by Alexander Galanin [email protected])
• [Core] Fix typos in ex/needrestart.conf.
  (github pull request #163 by Simon Brand @brandsimon)
• [UI] Don't fail when terminal has zero columns width.
  (github pull request #167 by @libnoon)
• [Core] Ignore mapped files not found on filesystem (stat) to suppress
  chroot false positives.
  (github issue #158 by @mphilipps)
  (github issue #152 by Ivan Kurnosov @zerkms and @djl)
• [Core] Supress warnings from Proc::ProcessTable.
  (github issue #170 by @mphilipps)
• [CONT] Fix docker detection on CentOS 7.
  (github issue #165 by Christian Ruppert @idl0r)
• [notify] Fix notify-send not working with dbus-user-session.
  (github issue #76 by @Vladimir-csp)
• [Core] Ignore mapped files in temporary directories.
  (Debian Bug#925408 by Donald Pellegrino [email protected])

3.4

Changes:

• Features:

  • [L10n] Add Czech localization.
    (github pull request #131 by @p-bo)
    (github pull request #132 by @p-bo)
    (github pull request #133 by @p-bo)
  • [Core] Add FRR to override.
    (github pull request #138 by David Lamparter @eqvinox)
  • [Core] Detect if run inside a container or vm using systemd.
    (github issue #139 by Tobby @tobby88)
  • [Core] Skip needrestart in apt hook if system is shutting down.
    (Debian Bug#914753 by Balint Reczey [email protected])

• Changes:

  • [Core] Do restart systemd-journald (again).
    (see also Debian Bug#771122, #771254 and #898818)
    (Debian Bug#898818 by Mathieu Parent [email protected])

• Fixes:

  • [uCode] Ignore broken microcode files (required for CentOS).
    (github issue #123 by Marc Dequènes (Duck) @duck-rh)
  • [uCode] Parse output of old iucode-tool 1.5.
    (github pull request #127 by Lutz Heermann @LuHee)
  • [uCode] Prevent microcode false positives for BIOS updates.
    (Debian Bug#906958 by Maik Zumstrull [email protected])
  • [uCode] Handle microcode updates for multiple CPUs in initramfs.
    (Debian Bug#907372 by Paul Wise [email protected])
  • [Core] Ignore temporary mappings of elasticsearch.
    (github issue #134 by Georg @teadur)
  • [Core] Do not restart oneshot services from systemd-cron.
    (Debian Bug#917073 by Antti Salmela [email protected])

3.3

ChangeLog

• Fixes:
  • [Core] Configuration file is ignored.
    (Debian Bug#901999 by Andreas Schmidt [email protected])
    (Debian Bug#902031 by Axel Beckert [email protected])
    (Debian Bug#902049 by Jon [email protected])
    (github issue #121 by Sven Hartge @shartge)
  • [Interp] Supress uninitalized value if abs_path fails.
    (github issue #120 by Craig Andrews @candrews)

3.2

ChangeLog

• Changes:

  • [Kernel] Include /boot/kernel* while looking for linux
    kernel images (required for Gentoo)
    (Gentoo Bug 654958 by Klaus Ethgen)
    (github pull request #113 by Craig Andrews @candrews)
  • [Core] Do not restart ModemManager by default.
    (github pull request #119 by @bodqhrohro)

• Fixes:

  • [UI] Do not call GetTerminalSize if STDOUT is not a tty.
    (github pull request #110 by Michael Scherer @mscherer)
  • [uCode] Filter microcode for CPU signature and flags.
    (github issue #112 by @mgondium)
    (Debian Bug#900298 by Francois Mescam [email protected])
  • [uCode] Assigning ucodehints a false value disables ucode
    checks.
    (github issue #115 by Johannes Kampmeyer @xschlef)
  • [Hooks] Ignore non-executable init scripts.
    (github issue #116 by Marc Dequènes (Duck) @duck-rh)
  • [L10n] Fix typo in Russian localization.
    (github pull request #118 by @bodqhrohro)
  • [UI] Do not leak fd into restarted services.
    (Debian Bug#893152 by Stephen Rothwell [email protected])

3.1

ChangeLog

• Changes:

  • [uCode] Handle microcode upgrades in early boot initrd images,
    required at least on Arch Linux.
    (github issue #106 by @Wuestengecko)

• Fixes:

  • [uCode] Fix uninitialized value in batch mode.
    (Debian Bug#891923 by Bob Proulx <[email protected]>)
    (github issue #105 by Evgenii Terechkov @evgkrsk)
  • [uCode] Fix completely broken microcode update detection.
    (github issue #108 by @Wuestengecko)
  • [UI] Fix microcode revision placeholders in NeedRestart::UI::stdio.

3.0

Changes:

• Features:
  • [Core] Possible to suspend needrestart in apt-get hook using
    the NEEDRESTART_SUSPEND environment variable.
    (github issue #71 by Ludovic Gasc @GMLudo et. al.)
  • [Core] Possible to override the configured restart mode using
    the NEEDRESTART_MODE environment variable.
    (Debian Bug#866105 by Marc Haber [email protected])
  • [uCode] Check for pending Intel microcode updates.
    (Debian Bug#886445 by Paul Wise [email protected])
• Changes:
  • [Core] Do not try to restart service units with RefuseManualStop=yes.
    (github issue #75 by Marc Dequènes @duck-rh)
  • [Kernel] Try to adopt RPM's version sorting to get most recent kernel.
    (github issue #73 by Maximilian Gaß @mxey)
  • [Core] Tune blacklist_mappings default setting to match on deleted maps.
  • [UI] Respect verbosity in UI::stdio, just like UI::Debconf.
    (github pull request #88 by @guillaume-uH57J9)
  • [Core] Improve output formating.
    (github issue #84 by Stavros Ntentos @stdedos)
  • [Core] Improve container detection to skip kernel and microcode checks.
• Fixes:
  • [Core] Makefile: Fix installation of restart.d/ scripts.
    (Debian Bug#851866 by Sven Hartge [email protected])
  • [Core] Fix warning in Perl 5.20.x, not triggered in 5.24.x
    in needrestart.conf (Oil Runtime Compiler's JIT files).
    (patch by Patrick Matthäi (Debian))
  • [Core] Do not restart oneshot services.
    (Debian Bug#862840 by Alan Jenkins [email protected])
  • [Core] Ignore rc-local.service.
    (Debian Bug#852864 by Paul Wise [email protected])
  • [Core] Do not restart libvirt by default.
    (github issue #69 by Craig Andrews @candrews)
  • [Interp/Perl] Add missing cwd restore before a return.
    (github issues #55 and #70 Craig Andrews @candrews and Stefan Bühler @stbuehler)
  • [Core] README.md: Fix spelling.
    (github issue #74 by Edward Betts @EdwardBetts)
  • [Core] Add bird to override.
    (github issue #78 by Björn Lässig @Farom)
  • [Interp/(Perl|Python)] Use absolute paths used to search the package
    of a script file.
    (github issue #79 by Christopher Odenbach @odenbach)
  • [Hook] Use rpm -q --filesbypkg rather than rpmquery.
    (github issue #81 by Sven Hartge @shartge)
  • [CONT] Detect docker container ns running not on systemd.
  • [CONT] Ignore processes running inside docker containers.
    (github issue #80 by Christopher Odenbach @odenbach)
  • [Core] Ignore special filename mappings used by recent versions of
    KDE plasmashell.
    (github issue #65 by @GoTeamAnt)
    (Debian Bug#879091 by Paul Wise [email protected])
  • [Core] Fix handling of library mappings if target does not exist.
    (github issue #58 by @pigen)
    (Debian Bug#878700 by Richard Hector [email protected])
  • [Hook] Fix handling of multiarch packages.
    (github issue #56 by @mayasd)
  • [Interp] Ignore interpreter processes with unreachable root fs (i.e.
    in different mnt ns).
    (github issue #72 by Stefan Bühler @stbuehler)
  • [Core] Add missing unnamed device major numbers (fix for OpenVZ).
    (Debian Bug#876452 by Piotr Pańczyk [email protected])
  • [UI] Do not call GetTerminalSize() if STDOUT is not a TTY.
    (Debian Bug#859387 by by Paul Wise [email protected])
    (github issues #85 and #86 by @guillaume-uH57J9)
  • [UI] Fix switch from interactive to list mode if debconf is run
    noninteractive.
    (Debian Bug#876459 by Piotr Pańczyk [email protected])
  • [man] Add documentation on restart mode if run non-interactive.
    (Debian Bug#842512 by Antoine Beaupré [email protected])
  • [Core] Ignore some Java false positives (JNA, JFFI).
    (github pull request #89 by Maximilian Gaß @mxey)
    (github issue #60 by @ge-fa)
  • [Core] Output NRPE message "root needed" on stdout.
    (github pull request #91 by @nirgal)
  • [Core] Use override_cont when querying containers.
    (github pull request #94 by Nigel Kukard @nkukard)
  • [Core] Do not restart docker by default.
  • [Core] Fix typo in man page.
    (Debian Bug#885448 by Paul Wise [email protected])
  • [Interp] Fix perl warning if cwd is unreachable.
    (github issue #99 by @glitsj16)
  • [Hook] Replace remaining calls of rpmquery by rpm.
    (github issue #100 by Matthias Hörmann @taladar)
  • [Core] Fix additional unit detection in dbus restart handler.
    (github issue #104 by Alexander Barton @alexbarton)

2.11

• Features:
  • [Core] Allow special treatment to restart services (i.e. dbus).
    (github issue #44 by @Vladimir-csp)
  • [Cont] Support restarting LXD-based LXC containers.
    (github issue #26 by James Johnston @JohnstonJ)
  • [Core] New config option to enforce legacy session detection if systemd
    is used without PAM integration.
    (github issue #52 by @micw and Eric S. @Korni22)
• Fixes:
  • [Core] Fix default config type for override_* settings.
    (github issue #47 by @mphilipps)
  • [Kernel] Ignore initrd filenames while looking for kernel image files.
    (github issue #49 by Evgenii Terechkov @evgkrsk)
  • [Kernel] Strip .img from version string when deducting the kernel
    version from filename.
    (github issue #49 by Evgenii Terechkov @evgkrsk)
  • [Core] Fix wrong regex quotation in default configuration file.
    (Debian Bug#844283 by Paul Wise [email protected])
  • [Core] Add display-manager 'lxdm' to override.
    (Debian Bug#845996 by Rodrigo Campos [email protected])
  • [Interp] Make paths when searching source files relative to the root
    path of the process.
    (github issue #54 by Tomasz Kontusz @ktosiek)

2.10

• Features:
  • [Interp] Allow ignoring of interpreted files.
    (github issue #39 by Wolfgang Karall @wolfgangkarall)
  • [Core] Make verification of mapped files in fileystem configurable as a
    workaround for broken grsecurity kernels.
    (github issue #46 by @jleroy @eigengrau)
  • [Core] Make ignore of mapped files configurable.
    (github issue #45 by @stbuehler)
• Fixes:
  • [Core] Do not ignore processes if maps file could not be read.
  • [Perl] Silence warnings of Module::ScanDeps for dynamic loaded modules.
    (github issue #41 by @bxkx @r-lindner)
  • [UI] Do not use Text::Wrap while printing restart commands.
    (Debian Bug#838622 by Paul Wise [email protected])
  • [Core] Do really restart services in automatic mode.
    (Debian Bug#838355 by Georg [email protected])
  • [Kernel] Include /boot/*.img while looking for linux kernel images.
    Fixes kernel detection on Raspbian.
    (github issue #38 by @fenhl)