Accepting request 1010250 from home:polslinux:branches:security

- Update to 1.0.1: * https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog - Remove fail2ban-0.11.2-upstream-patch-python-3.9.patch. - Remove fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch. - Remove fail2ban-rpmlintrc since it's no longer needed. - Add fail2ban.keyring. OBS-URL: https://build.opensuse.org/request/show/1010250 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=112
2022-10-12 14:29:51 +00:00 · 2022-10-12 14:29:51 +00:00 · 974194c817
commit 974194c817
parent de3e0144c6
12 changed files with 69 additions and 301 deletions
--- a/fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch
+++ b/fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch
@ -1,155 +0,0 @@
 From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001
 From: sebres <serg.brester@sebres.de>
 Date: Mon, 21 Jun 2021 17:12:53 +0200
 Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable
 (default tilde) stops consider "~" char after new-line as composing escape
 sequence
 ---
 config/action.d/complain.conf         | 2 +-
 config/action.d/dshield.conf          | 2 +-
 config/action.d/mail-buffered.conf    | 8 ++++----
 config/action.d/mail-whois-lines.conf | 2 +-
 config/action.d/mail-whois.conf       | 6 +++---
 config/action.d/mail.conf             | 6 +++---
 6 files changed, 13 insertions(+), 13 deletions(-)
 diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
 index 3a5f882c9f..4d73b05859 100644
 --- a/config/action.d/complain.conf
 +++ b/config/action.d/complain.conf
@@ -102,7 +102,7 @@ logpath = /dev/null
 # Notes.:  Your system mail command. Is passed 2 args: subject and recipient
 # Values:  CMD
 #
 -mailcmd = mail -s
 +mailcmd = mail -E 'set escape' -s
 # Option:  mailargs
 # Notes.:  Additional arguments to mail command. e.g. for standard Unix mail:
 diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
 index c128bef348..3d5a7a53a9 100644
 --- a/config/action.d/dshield.conf
 +++ b/config/action.d/dshield.conf
@@ -179,7 +179,7 @@ tcpflags =
 # Notes.:  Your system mail command. Is passed 2 args: subject and recipient
 # Values:  CMD
 #
 -mailcmd = mail -s
 +mailcmd = mail -E 'set escape' -s
 # Option:  mailargs
 # Notes.:  Additional arguments to mail command. e.g. for standard Unix mail:
 diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
 index 325f185b2f..79b841049c 100644
 --- a/config/action.d/mail-buffered.conf
 +++ b/config/action.d/mail-buffered.conf
@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
               The jail <name> has been started successfully.\n
               Output will be buffered until <lines> lines are available.\n
               Regards,\n
 -              Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
 +              Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
 # Option:  actionstop
 # Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
                  These hosts have been banned by Fail2Ban.\n
                  `cat <tmpfile>`
                  Regards,\n
 -                 Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
 +                 Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
                  rm <tmpfile>
              fi
              printf %%b "Hi,\n
              The jail <name> has been stopped.\n
              Regards,\n
 -             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 +             Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
                 These hosts have been banned by Fail2Ban.\n
                 `cat <tmpfile>`
                 \nRegards,\n
 -                Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
 +                Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
                 rm <tmpfile>
             fi
 diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
 index 3a3e56b2c7..d2818cb9b9 100644
 --- a/config/action.d/mail-whois-lines.conf
 +++ b/config/action.d/mail-whois-lines.conf
@@ -72,7 +72,7 @@ actionunban =
 # Notes.:  Your system mail command. Is passed 2 args: subject and recipient
 # Values:  CMD
 #
 -mailcmd = mail -s
 +mailcmd = mail -E 'set escape' -s
 # Default name of the chain
 #
 diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
 index 7fea34c40d..ab33b616dc 100644
 --- a/config/action.d/mail-whois.conf
 +++ b/config/action.d/mail-whois.conf
@@ -20,7 +20,7 @@ norestored = 1
 actionstart = printf %%b "Hi,\n
               The jail <name> has been started successfully.\n
               Regards,\n
 -              Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
 +              Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
 # Option:  actionstop
 # Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
 actionstop = printf %%b "Hi,\n
              The jail <name> has been stopped.\n
              Regards,\n
 -             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 +             Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
             Here is more information about <ip> :\n
             `%(_whois_command)s`\n
             Regards,\n
 -            Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
 +            Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
 diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
 index 5d8c0e154c..f4838ddcb6 100644
 --- a/config/action.d/mail.conf
 +++ b/config/action.d/mail.conf
@@ -16,7 +16,7 @@ norestored = 1
 actionstart = printf %%b "Hi,\n
               The jail <name> has been started successfully.\n
               Regards,\n
 -              Fail2Ban"|mail -s "[Fail2Ban] <name>: started  on <fq-hostname>" <dest>
 +              Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started  on <fq-hostname>" <dest>
 # Option:  actionstop
 # Notes.:  command executed at the stop of jail (or at the end of Fail2Ban)
@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
 actionstop = printf %%b "Hi,\n
              The jail <name> has been stopped.\n
              Regards,\n
 -             Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 +             Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
             The IP <ip> has just been banned by Fail2Ban after
             <failures> attempts against <name>.\n
             Regards,\n
 -            Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
 +            Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
--- a/fail2ban-0.11.2-upstream-patch-python-3.9.patch
+++ b/fail2ban-0.11.2-upstream-patch-python-3.9.patch
@ -1,103 +0,0 @@
 From 8ae9208454e426aa87b96ba5df26036c4ae5cefd Mon Sep 17 00:00:00 2001
 From: "Sergey G. Brester" <serg.brester@sebres.de>
 Date: Mon, 8 Feb 2021 16:44:27 +0100
 Subject: [PATCH 1/4] try to provide coverage for 3.10-alpha.5 (#2931)
 ---
 .github/workflows/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
 index 7a1d31df3d..262448c2da 100644
 --- a/.github/workflows/main.yml
 +++ b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
 -        python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, pypy2, pypy3]
 +        python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, '3.10.0-alpha.5', pypy2, pypy3]
       fail-fast: false
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
 From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001
 From: "Sergey G. Brester" <serg.brester@sebres.de>
 Date: Mon, 8 Feb 2021 17:19:24 +0100
 Subject: [PATCH 2/4] follow bpo-37324:
 :ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc`
 module
 (since 3.10-alpha.5 `MutableMapping` is missing in collections module)
 ---
 fail2ban/server/action.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
 index 3bc48fe046..f0f1e6f59a 100644
 --- a/fail2ban/server/action.py
 +++ b/fail2ban/server/action.py
@@ -30,7 +30,10 @@
 import threading
 import time
 from abc import ABCMeta
 -from collections import MutableMapping
 +try:
 +	from collections.abc import MutableMapping
 +except ImportError:
 +	from collections import MutableMapping
 from .failregex import mapTag2Opt
 from .ipdns import DNSUtils
 From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001
 From: "Sergey G. Brester" <serg.brester@sebres.de>
 Date: Mon, 8 Feb 2021 17:25:45 +0100
 Subject: [PATCH 3/4] amend for `Mapping`
 ---
 fail2ban/server/actions.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
 index b7b95b445a..897d907c1a 100644
 --- a/fail2ban/server/actions.py
 +++ b/fail2ban/server/actions.py
@@ -28,7 +28,10 @@
 import os
 import sys
 import time
 -from collections import Mapping
 +try:
 +	from collections.abc import Mapping
 +except ImportError:
 +	from collections import Mapping
 try:
 	from collections import OrderedDict
 except ImportError:
 From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001
 From: "Sergey G. Brester" <serg.brester@sebres.de>
 Date: Mon, 8 Feb 2021 17:35:59 +0100
 Subject: [PATCH 4/4] amend for `Mapping` (jails)
 ---
 fail2ban/server/jails.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
 diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
 index 972a8c4bd2..27e12ddf65 100644
 --- a/fail2ban/server/jails.py
 +++ b/fail2ban/server/jails.py
@@ -22,7 +22,10 @@
 __license__ = "GPL"
 from threading import Lock
 -from collections import Mapping
 +try:
 +	from collections.abc import Mapping
 +except ImportError:
 +	from collections import Mapping
 from ..exceptions import DuplicateJailException, UnknownJailException
 from .jail import Jail
--- a/fail2ban-0.11.2.tar.gz
+++ b/fail2ban-0.11.2.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:383108e5f8644cefb288537950923b7520f642e7e114efb843f6e7ea9268b1e0
 size 559552
--- a/fail2ban-0.11.2.tar.gz.asc
+++ b/fail2ban-0.11.2.tar.gz.asc
@ -1,11 +0,0 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCAAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAl+8IJUACgkQaDvxvr0K
 iCx3lQf+Ko0DK0UCpcyQMD2eAkOSw9gReD8g6CgqubQe76SmJedUC25AX4BhtbnB
 lcWnoNP6txHHe4SglEPDqA2QPp05V7NrC0Jv6EHuIqs/tDYQOrPeHfj9zIdo8Xpm
 tuvEdJR9642RR7LRZprAMTMkdJG0DSAPeigpuL54GbbXrRMrZk6oe5JXy5kormYb
 X26odhekUOWCh7cSSFkOoc5fKeLQZkjRECMo4zr9TMCuG9q+PCokK2ZlUK2k+FKX
 Z82pPzxYn3XH9rOhgVPST2nyeZjb4xSMmsVNTO4FXytq/MwpdZW52cAbpgxMESWV
 9ziop+UtjS9z+WcsxKZEmpVJHSxk/Q==
 =1dk3
 -----END PGP SIGNATURE-----
--- a/fail2ban-1.0.1.tar.gz
+++ b/fail2ban-1.0.1.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:62b54679ebae81ac57f32c5e27aba9f2494ec5bafd45a0fd68e7a27fd448e5ac
 size 582122
--- a/fail2ban-1.0.1.tar.gz.asc
+++ b/fail2ban-1.0.1.tar.gz.asc
@ -0,0 +1,11 @@
 -----BEGIN PGP SIGNATURE-----
 iQEzBAABCgAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAmMzJ4sACgkQaDvxvr0K
 iCw69Af8DPa37VGkNRDAOsw7s5YYDQL2Ar8GeCI/NO8TYLfc+KzEvk3b7JfRLEUM
 w64O6y8Wsme40O34NhmlRazDeFKgCjCQlogWFN2iOB/VjYC94L2nXJCs1eAgTbIs
 KvbKUMOL7mMRZOf5c0EtgnYZQtQgLudN2Yv0qY/oFgic8klH34VLntSfAFs0acFJ
 c+RXobtVpKeQCs6aCooR13IGO8Oy0Tk8DpVfkoKtKNll2rPAoL9OuS0cTSEqSIRJ
 lxez7fd9ngkw4ORXii1eNXlJ4ubwBB/xqK/1B8zHwRxnB6XLDXeF4GkOzEP3YX2u
 Dmx6/AspkotASZK8ngAq40hodoMfig==
 =TOG+
 -----END PGP SIGNATURE-----
--- a/fail2ban-disable-iptables-w-option.patch
+++ b/fail2ban-disable-iptables-w-option.patch
@ -1,7 +1,6 @@
-diff -ur fail2ban-0.9.3-orig/config/action.d/iptables-common.conf fail2ban-0.9.3/config/action.d/iptables-common.conf
+--- fail2ban-1.0.1/config/action.d/iptables.conf.orig	2022-10-12 11:35:25.789327341 +0200
--- fail2ban-0.9.3-orig/config/action.d/iptables-common.conf	2015-08-01 03:32:13.000000000 +0200
+++ fail2ban-1.0.1/config/action.d/iptables.conf	2022-10-12 11:35:40.585449861 +0200
-+++ fail2ban-0.9.3/config/action.d/iptables-common.conf	2015-08-26 13:35:33.542992089 +0200
+@@ -138,8 +138,10 @@
@@ -55,8 +55,10 @@
 #          running concurrently and causing irratic behavior.  -w was introduced
 #          in iptables 1.4.20, so might be absent on older systems
 #          See https://github.com/fail2ban/fail2ban/issues/1122
--- a/fail2ban-opensuse-locations.patch
+++ b/fail2ban-opensuse-locations.patch
@ -1,7 +1,8 @@
-diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
+Index: fail2ban-1.0.1/config/jail.conf
--- fail2ban-0.11.2-orig/config/jail.conf	2020-11-23 21:43:03.000000000 +0100
+===================================================================
-+++ fail2ban-0.11.2/config/jail.conf	2020-11-29 10:14:13.229200191 +0100
+--- fail2ban-1.0.1.orig/config/jail.conf
-@@ -731,7 +731,7 @@
+++ fail2ban-1.0.1/config/jail.conf
@@ -731,7 +731,7 @@ backend = %(syslog_backend)s
 # filter   = named-refused
 # port     = domain,953
 # protocol = udp
@ -10,7 +11,7 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
 # IMPORTANT: see filter.d/named-refused for instructions to enable logging
 # This jail blocks TCP traffic for DNS requests.
-@@ -739,7 +739,7 @@
+@@ -739,7 +739,7 @@ backend = %(syslog_backend)s
 [named-refused]
 port     = domain,953
@ -19,16 +20,13 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
 [nsd]
-Nur in fail2ban-0.11.2/config: jail.conf.orig.
+Index: fail2ban-1.0.1/config/paths-common.conf
-diff -ur fail2ban-0.11.2-orig/config/paths-common.conf fail2ban-0.11.2/config/paths-common.conf
+===================================================================
--- fail2ban-0.11.2-orig/config/paths-common.conf	2020-11-23 21:43:03.000000000 +0100
+--- fail2ban-1.0.1.orig/config/paths-common.conf
-+++ fail2ban-0.11.2/config/paths-common.conf	2020-11-29 10:14:13.237200352 +0100
+++ fail2ban-1.0.1/config/paths-common.conf
-@@ -90,7 +90,7 @@
+@@ -90,4 +90,4 @@ solidpop3d_log = %(syslog_local0)s
 mysql_log = %(syslog_daemon)s
 mysql_backend = %(default_backend)s
 -roundcube_errors_log = /var/log/roundcube/errors
 +roundcube_errors_log = /srv/www/roundcubemail/logs/errors
 # Directory with ignorecommand scripts
 ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands
--- a/3
+++ b/3
@ -1,3 +0,0 @@
 addFilter("W: htaccess-file .*tests.*")
 addFilter("W: hidden-file-or-dir .*tests.*")
 addFilter("W: no-manual-page-for-binary fail2ban-testcases")
--- a/fail2ban.changes
+++ b/fail2ban.changes
@ -1,3 +1,13 @@
 -------------------------------------------------------------------
 Wed Oct 12 08:11:52 UTC 2022 - Paolo Stivanin <info@paolostivanin.com>
 - Update to 1.0.1:
  * https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog
 - Remove fail2ban-0.11.2-upstream-patch-python-3.9.patch.
 - Remove fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch.
 - Remove fail2ban-rpmlintrc since it's no longer needed.
 - Add fail2ban.keyring.
 -------------------------------------------------------------------
 Sat Jan 22 11:17:48 UTC 2022 - Arjen de Korte <suse+build@de-korte.org>
--- a/fail2ban.keyring
+++ b/fail2ban.keyring
@ -0,0 +1,29 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQENBFeHbzIBCACWgr54J4t2fpI7EIrMTqso5kqPRTSY7eO2T0965JW6Zl4C0HZT
 Wz+9c5aGlKeotf4Fv7zOhpUwULFSGAq3tVbxAxW9++LAXPGad6uE4aPsXoQ6+0RV
 lJozNclURRal46vz3uuGLiSJ5+VQ1WD1sFLuw2/bMzE4GFR0z4w4UOc3ufAQ3obC
 i5szSy5JWtCsmvCdNlhXTxa66aUddN8/8IHJSB6QZabGEcG4WfsfhUiH38KUuqrO
 hYvT9ROY74pwSsHuWEzVRE00eJB4uxngsKHAGMYhkNxdKCG7Blu2IbJRcBE8QAs3
 BGqJR8FBify86COZYUZ7CuAyLyo1U6BZd7ohABEBAAG0KVNlcmcgRy4gQnJlc3Rl
 ciAoc2VicmVzKSA8aW5mb0BzZWJyZXMuZGU+iQE4BBMBAgAiBQJXh28yAhsDBgsJ
 CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBoO/G+vQqILMThB/0YUr7Y+urJChgm
 NG9exjjmTayoNb+XiMR5T2+A919NrKulEaH2mb51B7XBmFuCj8x5O1wA3xYo7B6h
 RVuNyb2eI3+bRD33QsKcs6NsgK/I1xLD15NrEftPckWqYypR6//u9Tmz5o9n9+/n
 2dH7SU7UPW468/bRUhFp+SQ70B0XLdyDgGLEN9TNsAvnEi30Vtjbia4Lp/NXYRkq
 GEzvpgZ7Dt9YhT+qdSs6AwyN0ZhnvX+zqXi+Q18xlbnuq2ZZkwK8Es/HdEDu2HNJ
 3nn3l15pyMe/OxYhg646NcqGR6j1rEZ7jXyN2i5sEdspXfwv0lGtLr7ANElWqOvX
 XYBAspRvuQENBFeHbzIBCACyCMv4CQ+blzj53ZLPyBMnj38oQ7bbpAtDThfB8hEZ
 uk6Kmo799Zo2rLG2iqvy8SEuN/bLQKyzFTiB4UYWvRxne792N0nWLU24/bd7j/Gh
 Q4EHUhs38WRSYtu93XCKzvyzn5s3504luOBF6czNrLeDfWXGVGosBsBoASY7de7a
 kiXb7a28dNDSG0JaR+QwONjmde9hAzqOX0iOYHvJeu68UKaUp4IrJ+nTMHFhwUbf
 awCmz+NPPrm360j4BuvYSWhS06tM7c6+gfvXHOTtJ5TEGbrm+I8d2q7nhxg3nku6
 7qnddkW2OS8EQVlw7XFox929mTLzw0MEmjqmSRTx2Qk3ABEBAAGJAR8EGAECAAkF
 AleHbzICGwwACgkQaDvxvr0KiCwdxQf7BM7jo6v7uU7324ZkLQmtZndcXnXZMbSw
 2pDzR2h01Vx7dHppzNOkyv8DvUWttwaMaTU57cdzThTkQPk8Lx8sCvi40RmWS2vs
 IArgTS1HNStprPUg4sk99JOZg2y4LBqkLUxZveDsH+rXdFA/fp8048/M4ss6qj4O
 ySe4crABbbv5yRADBJZt4LQdFoNGEpSaOtcxJmwJ7hrV+wQhVMm9m+/JpgzNT4rb
 muPgveqzmSiTGJ6Yy2bEKyY0dCyPuWbWWPt4mCcT+9emZC1O8EjST0i9f9EUUU6c
 6UCy7zi5EQ9CVv1Dlz1qefm/5/iFAAFQ5DtYC3cwDq8CqgqzoHMtNg==
 =vqSW
 -----END PGP PUBLIC KEY BLOCK-----
--- a/fail2ban.spec
+++ b/fail2ban.spec
@ -22,7 +22,7 @@
  %define _fillupdir %{_localstatedir}/adm/fillup-templates
 %endif
 Name:           fail2ban
-Version:        0.11.2
+Version:        1.0.1
 Release:        0
 Summary:        Bans IP addresses that make too many authentication failures
 License:        GPL-2.0-or-later
@ -37,8 +37,7 @@ Source6:        sfw-fail2ban.conf
 Source7:        f2b-restart.conf
 # Path definitions have been submitted to upstream
 Source8:        paths-opensuse.conf
-# ignore some rpm-lint messages
+Source200:      fail2ban.keyring
 Source200:      %{name}-rpmlintrc
 # PATCH-FIX-OPENSUSE fail2ban-opensuse-locations.patch bnc#878028 jweberhofer@weberhofer.at -- update default locations for logfiles
 Patch100:       %{name}-opensuse-locations.patch
 # PATCH-FIX-OPENSUSE fail2ban-opensuse-service.patch jweberhofer@weberhofer.at -- openSUSE modifications to the service file
@ -51,10 +50,6 @@ Patch201:       %{name}-0.10.4-env-script-interpreter.patch
 Patch300:       fail2ban-opensuse-service-sfw.patch
 # PATCH-FEATURE-OPENSUSE harden_fail2ban.service.patch jsegitz@suse.com -- Added hardening to systemd service(s) bsc#1181400
 Patch301:       harden_fail2ban.service.patch
 # PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch jweberhofer@weberhofer.at -- fixes CVE-2021-32749
 Patch400:       fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch
 # PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-python-3.9.patch jweberhofer@weberhofer.at -- allow running under python 3.9+
 Patch401:       fail2ban-0.11.2-upstream-patch-python-3.9.patch
 BuildRequires:  fdupes
 BuildRequires:  logrotate
@ -142,8 +137,6 @@ sed -i -e 's/^before = paths-.*/before = paths-opensuse.conf/' config/jail.conf
 %patch300 -p1
 %endif
 %patch301 -p1
 %patch400 -p1
 %patch401 -p1
 rm 	config/paths-arch.conf \
 	config/paths-debian.conf \