-
fail2ban (0.8.6-3wheezy3build0.12.04.1) precise-security; urgency=medium
* fake sync from Debian
fail2ban (0.8.6-3wheezy3) wheezy-security; urgency=high
* Use anchored failregex for filters to avoid possible DoS. Manually
picked up from the current status of 0.8 branch (as of
0.8.13-29-g09b2016):
- CVE-2013-7176: postfix.conf - anchored on the front, expects
"postfix/smtpd" prefix in the log line
- CVE-2013-7177: cyrus-imap.conf - anchored on the front, and
refactored to have a single failregex
- couriersmtp.conf - anchored on both sides
- exim.conf - front-anchored versions picked up from exim.conf
and exim-spam.conf
- lighttpd-fastcgi.conf - front-anchored picked up from suhosin.conf
-- Marc Deslauriers <email address hidden> Fri, 08 Aug 2014 14:06:12 -0400
-
fail2ban (0.8.6-3wheezy2build0.12.04.1) precise-security; urgency=low
* fake sync from Debian
fail2ban (0.8.6-3wheezy2) wheezy-security; urgency=high
* Anchor apache- filters failregexes to avoid possible DoS on servers
which enabled corresponding jails. Fix cherry-picked from upstream
0.8.9-29-g6ccd578 . See http://seclists.org/fulldisclosure/2013/Jun/66
fail2ban (0.8.6-3wheezy1) unstable; urgency=high
* CVE-2012-5642: Escape the content of <matches> since its value could
contain arbitrary symbols (Closes: #696184)
* Since package source format remained 1.0, manpages patch
(deb_manpages_reportbug) was not applied -- fold it into .diff.gz
-- Marc Deslauriers <email address hidden> Tue, 18 Jun 2013 13:03:51 -0400
-
fail2ban (0.8.6-3) unstable; urgency=low
* Added dovecot section to Debian's jail.conf. Thanks to Laurent
Léonard (Closes: #655182)
* init.d script now returns non-0 exit codes upon status command
with not running / failed to connect server. Thanks to
Glenn Aaldering for the patch
-- Yaroslav Halchenko <email address hidden> Sun, 08 Jan 2012 21:46:24 -0500
-
fail2ban (0.8.6-2) unstable; urgency=low
* Added pure-ftpd section to Debian's jail.conf. Thanks to Laurent
Léonard (Closes: #654412)
* Enhancement: action to use /proc/net/xt_recent and run f2b as a normal
user. Many many thanks to Zbyszek Szmek (Closes: #602016)
-- Yaroslav Halchenko <email address hidden> Tue, 03 Jan 2012 10:36:24 -0500
-
fail2ban (0.8.6-1) unstable; urgency=low
* [1efe1bc] Fresh upstream release (Closes: #648324)
* Boosted policy compliance to 3.9.2 -- no changes
* Adjusted debian/watch to fetch tarballs from github
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 12 Dec 2011 11:57:11 +0000
-
fail2ban (0.8.5-2) unstable; urgency=low
* [5242e73] BF: (cherry-picked from upstream, DEP-3 yet TODO) Lock
server's executeCmd to prevent racing among iptables calls (Closes:
#554162) Many kudos go to Michael Saavedra for the patch
-- Ubuntu Archive Auto-Sync <email address hidden> Mon, 17 Oct 2011 09:16:09 +0000
-
fail2ban (0.8.5-1) unstable; urgency=low
* [de95777] Fresh upstream release FAIL2BAN-0_8_5:
- [00e1827] BF: use addfailregex instead of failregex while processing
per-jail "failregex" parameter (Closes: #635830) (LP: #635036)
Thanks Marat Khayrullin for the patch and Daniel T Chen for forwarding to
Debian.
* [1cbdafc] Set backend to auto and recommends python-gamin (Closes: #524425)
* [ef449f4] Added a note on diverting logrotate configuration for custom
logtarget=SYSLOG (Closes: #631917). Thanks Kenyon Ralph for report
-- Daniel T Chen <email address hidden> Mon, 08 Aug 2011 23:34:01 +0000
