HN Reader

Why does a critical utility like this need Python, Ruby, and Perl? Scripting languages intended for applications development, with their interpreters and libraries and dependencies, expand the attack surface beyond anyone's ability to consider all of the security holes.

The article doesn't mention that the security vulnerabilities are inherited from Debian, so Debian users are also affected.

The article is incorrect in implying that users must either upgrade to needrestart 3.8 or adjust configuration to mitigate. If you're using Debian or Ubuntu, the correct thing to is to upgrade to the distribution's already patched version by using the usual "apt update && apt upgrade". This won't take you up to 3.8 but will fix the issue, as is the point of stable distribution releases.

On Ubuntu, this is automatic since unattended-upgrades installs security upgrades nightly by default.