Accepted fail2ban 0.8.6-3wheezy3 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 22 Jun 2014 11:56:54 -0400
Source: fail2ban
Binary: fail2ban
Architecture: source all
Version: 0.8.6-3wheezy3
Distribution: wheezy-security
Urgency: high
Maintainer: Yaroslav Halchenko <debian@onerussian.com>
Changed-By: Yaroslav Halchenko <debian@onerussian.com>
Description:
fail2ban - ban hosts that cause multiple authentication errors
Changes:
fail2ban (0.8.6-3wheezy3) wheezy-security; urgency=high
.
* Use anchored failregex for filters to avoid possible DoS. Manually
picked up from the current status of 0.8 branch (as of
0.8.13-29-g09b2016):
- CVE-2013-7176: postfix.conf - anchored on the front, expects
"postfix/smtpd" prefix in the log line
- CVE-2013-7177: cyrus-imap.conf - anchored on the front, and
refactored to have a single failregex
- couriersmtp.conf - anchored on both sides
- exim.conf - front-anchored versions picked up from exim.conf
and exim-spam.conf
- lighttpd-fastcgi.conf - front-anchored picked up from suhosin.conf
Checksums-Sha1:
13799f93285f625f74efdb60fc47a86ca3b7dd1b 1254 fail2ban_0.8.6-3wheezy3.dsc
3bf99a767eef262f678f524f1669829b92d736fd 31769 fail2ban_0.8.6-3wheezy3.diff.gz
f77ee25d8ecc7b81f986f0630046785b21f0602d 104460 fail2ban_0.8.6-3wheezy3_all.deb
Checksums-Sha256:
0dc391d57e64f1b93c615f47e5b8d9d39d3544a6c8f253fa67b3032c91d988f5 1254 fail2ban_0.8.6-3wheezy3.dsc
af857dacdc8cd9309a86531259eaffa97c3693501001ddd3c481e4ff579175b9 31769 fail2ban_0.8.6-3wheezy3.diff.gz
815b28ffdfcfbf0c8983facad46d54edffce63df2269ef9dc79b60886e747794 104460 fail2ban_0.8.6-3wheezy3_all.deb
Files:
0e19f4a9d11f65984031352311ecb139 1254 net optional fail2ban_0.8.6-3wheezy3.dsc
f3bf9aa21d5c9a8a1334d4c93a0106ba 31769 net optional fail2ban_0.8.6-3wheezy3.diff.gz
e0b428dc54c4911ec1acef7e20040bc0 104460 net optional fail2ban_0.8.6-3wheezy3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlPD5RwACgkQjRFFY3XAJMhTPwCfQa4ZCzQNb18fI95z9JVc/DvT
rbwAn2H66xWarqrdlYbmgUaxJIgdaJ2f
=SeoY
-----END PGP SIGNATURE-----
Reply to: