Version in base suite: 3.5-4

Base version: needrestart_3.5-4
Target version: needrestart_3.5-4+deb11u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/n/needrestart/needrestart_3.5-4.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/n/needrestart/needrestart_3.5-4+deb11u1.dsc

 changelog                        |    7 ++++++
 patches/08-anchor-interp-re.diff |   42 +++++++++++++++++++++++++++++++++++++++
 patches/series                   |    1 
 3 files changed, 50 insertions(+)

diff -Nru needrestart-3.5/debian/changelog needrestart-3.5/debian/changelog
--- needrestart-3.5/debian/changelog	2021-04-12 08:04:21.000000000 +0000
+++ needrestart-3.5/debian/changelog	2022-05-13 08:50:07.000000000 +0000
@@ -1,3 +1,10 @@
+needrestart (3.5-4+deb11u1) bullseye-security; urgency=high
+
+  * Add patch 08-anchor-interp-re to fix not anchored regular expressions.
+    This fixes CVE-2022-30688.
+
+ -- Patrick Matthäi <pmatthaei@debian.org>  Thu, 13 May 2022 10:50:07 +0200
+
 needrestart (3.5-4) unstable; urgency=medium
 
   * New source only upload.
diff -Nru needrestart-3.5/debian/patches/08-anchor-interp-re.diff needrestart-3.5/debian/patches/08-anchor-interp-re.diff
--- needrestart-3.5/debian/patches/08-anchor-interp-re.diff	1970-01-01 00:00:00.000000000 +0000
+++ needrestart-3.5/debian/patches/08-anchor-interp-re.diff	2022-05-13 08:50:07.000000000 +0000
@@ -0,0 +1,42 @@
+# Upstream patch to fix not anchored regular expressions.
+
+diff --git a/perl/lib/NeedRestart/Interp/Perl.pm b/perl/lib/NeedRestart/Interp/Perl.pm
+index 40aabb4..5031679 100644
+--- a/perl/lib/NeedRestart/Interp/Perl.pm
++++ b/perl/lib/NeedRestart/Interp/Perl.pm
+@@ -43,7 +43,7 @@ sub isa {
+     my $pid = shift;
+     my $bin = shift;
+ 
+-    return 1 if($bin =~ m@/usr/(local/)?bin/perl@);
++    return 1 if($bin =~ m@^/usr/(local/)?bin/perl(5[.\d]*)?$@);
+ 
+     return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Python.pm b/perl/lib/NeedRestart/Interp/Python.pm
+index 559666c..a30121d 100644
+--- a/perl/lib/NeedRestart/Interp/Python.pm
++++ b/perl/lib/NeedRestart/Interp/Python.pm
+@@ -42,7 +42,7 @@ sub isa {
+     my $pid = shift;
+     my $bin = shift;
+ 
+-    return 1 if($bin =~ m@/usr/(local/)?bin/python@);
++    return 1 if($bin =~ m@^/usr/(local/)?bin/python([23][.\d]*)?$@);
+ 
+     return 0;
+ }
+diff --git a/perl/lib/NeedRestart/Interp/Ruby.pm b/perl/lib/NeedRestart/Interp/Ruby.pm
+index d02973d..72920f3 100644
+--- a/perl/lib/NeedRestart/Interp/Ruby.pm
++++ b/perl/lib/NeedRestart/Interp/Ruby.pm
+@@ -42,7 +42,7 @@ sub isa {
+     my $pid = shift;
+     my $bin = shift;
+ 
+-    return 1 if($bin =~ m@/usr/(local/)?bin/ruby@);
++    return 1 if($bin =~ m@^/usr/(local/)?bin/ruby$@);
+ 
+     return 0;
+ }
+
diff -Nru needrestart-3.5/debian/patches/series needrestart-3.5/debian/patches/series
--- needrestart-3.5/debian/patches/series	2021-04-12 08:04:21.000000000 +0000
+++ needrestart-3.5/debian/patches/series	2022-05-13 08:50:07.000000000 +0000
@@ -5,3 +5,4 @@
 05-ignore-nvidia-memfd.diff
 06-dont-restart-bluetooth.diff
 07-runit.diff
+08-anchor-interp-re.diff