Format: 1.8
Date: Sat, 26 Jul 2014 10:00:00 +0200
Source: fail2ban
Binary: fail2ban
Architecture: source all
Version: 0.8.4-3+squeeze3
Distribution: squeeze-lts
Urgency: high
Maintainer: Yaroslav Halchenko <debian@onerussian.com>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
 fail2ban - bans IPs that cause multiple authentication errors
Changes:
 fail2ban (0.8.4-3+squeeze3) squeeze-lts; urgency=high
 .
   * Use anchored failregex for filters to avoid possible DoS. Manually
     picked up from the current status of 0.8 branch (as of
     0.8.13-29-g09b2016):
     - CVE-2013-7176: postfix.conf - anchored on the front, expects
       "postfix/smtpd" prefix in the log line
     - CVE-2013-7177: cyrus-imap.conf - anchored on the front, and
       refactored to have a single failregex
     - couriersmtp.conf - anchored on both sides
     - exim.conf - front-anchored versions picked up from exim.conf
       and exim-spam.conf
     - lighttpd-fastcgi.conf - front-anchored picked up from suhosin.conf
       (copied from the Wheezy version)
   * Catch also failed logins via secured (imaps/pop3s) for cyrus-imap.
     Regression was introduced while strengthening failregex in 0.8.11 (bd175f)
     Debian bug #755173
   * cyrus-imap: catch "user not found" attempts

Archive: https://lists.debian.org/E1XAz4l-0006BL-1z@franck.debian.org