pool/fail2ban
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1010267 from security

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1010267
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fail2ban?expand=0&rev=65
This commit is contained in:
Dominique Leuenberger 2022-10-13 13:44:50 +00:00 committed by Git OBS Bridge
commit bbcfbbcf56
12 changed files with 69 additions and 301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch
View File

@ -1,155 +0,0 @@
From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001
From: sebres <serg.brester@sebres.de>
Date: Mon, 21 Jun 2021 17:12:53 +0200
Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable
(default tilde) stops consider "~" char after new-line as composing escape
sequence
---
config/action.d/complain.conf | 2 +-
config/action.d/dshield.conf | 2 +-
config/action.d/mail-buffered.conf | 8 ++++----
config/action.d/mail-whois-lines.conf | 2 +-
config/action.d/mail-whois.conf | 6 +++---
config/action.d/mail.conf | 6 +++---
6 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
index 3a5f882c9f..4d73b05859 100644
--- a/config/action.d/complain.conf
+++ b/config/action.d/complain.conf
@@ -102,7 +102,7 @@ logpath = /dev/null
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
# Values: CMD
#
-mailcmd = mail -s
+mailcmd = mail -E 'set escape' -s
# Option: mailargs
# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
index c128bef348..3d5a7a53a9 100644
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@@ -179,7 +179,7 @@ tcpflags =
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
# Values: CMD
#
-mailcmd = mail -s
+mailcmd = mail -E 'set escape' -s
# Option: mailargs
# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
index 325f185b2f..79b841049c 100644
--- a/config/action.d/mail-buffered.conf
+++ b/config/action.d/mail-buffered.conf
@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
The jail <name> has been started successfully.\n
Output will be buffered until <lines> lines are available.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
These hosts have been banned by Fail2Ban.\n
`cat <tmpfile>`
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
rm <tmpfile>
fi
printf %%b "Hi,\n
The jail <name> has been stopped.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
# Option: actioncheck
# Notes.: command executed once before each actionban command
@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
These hosts have been banned by Fail2Ban.\n
`cat <tmpfile>`
\nRegards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
rm <tmpfile>
fi
diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
index 3a3e56b2c7..d2818cb9b9 100644
--- a/config/action.d/mail-whois-lines.conf
+++ b/config/action.d/mail-whois-lines.conf
@@ -72,7 +72,7 @@ actionunban =
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
# Values: CMD
#
-mailcmd = mail -s
+mailcmd = mail -E 'set escape' -s
# Default name of the chain
#
diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
index 7fea34c40d..ab33b616dc 100644
--- a/config/action.d/mail-whois.conf
+++ b/config/action.d/mail-whois.conf
@@ -20,7 +20,7 @@ norestored = 1
actionstart = printf %%b "Hi,\n
The jail <name> has been started successfully.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
actionstop = printf %%b "Hi,\n
The jail <name> has been stopped.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
# Option: actioncheck
# Notes.: command executed once before each actionban command
@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
Here is more information about <ip> :\n
`%(_whois_command)s`\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the
diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
index 5d8c0e154c..f4838ddcb6 100644
--- a/config/action.d/mail.conf
+++ b/config/action.d/mail.conf
@@ -16,7 +16,7 @@ norestored = 1
actionstart = printf %%b "Hi,\n
The jail <name> has been started successfully.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
# Option: actionstop
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
actionstop = printf %%b "Hi,\n
The jail <name> has been stopped.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
# Option: actioncheck
# Notes.: command executed once before each actionban command
@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
The IP <ip> has just been banned by Fail2Ban after
<failures> attempts against <name>.\n
Regards,\n
- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
# Option: actionunban
# Notes.: command executed when unbanning an IP. Take care that the

103
fail2ban-0.11.2-upstream-patch-python-3.9.patch
View File

@ -1,103 +0,0 @@
From 8ae9208454e426aa87b96ba5df26036c4ae5cefd Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <serg.brester@sebres.de>
Date: Mon, 8 Feb 2021 16:44:27 +0100
Subject: [PATCH 1/4] try to provide coverage for 3.10-alpha.5 (#2931)
---
.github/workflows/main.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 7a1d31df3d..262448c2da 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
runs-on: ubuntu-20.04
strategy:
matrix:
- python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, pypy2, pypy3]
+ python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, '3.10.0-alpha.5', pypy2, pypy3]
fail-fast: false
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <serg.brester@sebres.de>
Date: Mon, 8 Feb 2021 17:19:24 +0100
Subject: [PATCH 2/4] follow bpo-37324:
:ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc`
module
(since 3.10-alpha.5 `MutableMapping` is missing in collections module)
---
fail2ban/server/action.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py
index 3bc48fe046..f0f1e6f59a 100644
--- a/fail2ban/server/action.py
+++ b/fail2ban/server/action.py
@@ -30,7 +30,10 @@
import threading
import time
from abc import ABCMeta
-from collections import MutableMapping
+try:
+ from collections.abc import MutableMapping
+except ImportError:
+ from collections import MutableMapping
from .failregex import mapTag2Opt
from .ipdns import DNSUtils
From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <serg.brester@sebres.de>
Date: Mon, 8 Feb 2021 17:25:45 +0100
Subject: [PATCH 3/4] amend for `Mapping`
---
fail2ban/server/actions.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py
index b7b95b445a..897d907c1a 100644
--- a/fail2ban/server/actions.py
+++ b/fail2ban/server/actions.py
@@ -28,7 +28,10 @@
import os
import sys
import time
-from collections import Mapping
+try:
+ from collections.abc import Mapping
+except ImportError:
+ from collections import Mapping
try:
from collections import OrderedDict
except ImportError:
From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001
From: "Sergey G. Brester" <serg.brester@sebres.de>
Date: Mon, 8 Feb 2021 17:35:59 +0100
Subject: [PATCH 4/4] amend for `Mapping` (jails)
---
fail2ban/server/jails.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py
index 972a8c4bd2..27e12ddf65 100644
--- a/fail2ban/server/jails.py
+++ b/fail2ban/server/jails.py
@@ -22,7 +22,10 @@
__license__ = "GPL"
from threading import Lock
-from collections import Mapping
+try:
+ from collections.abc import Mapping
+except ImportError:
+ from collections import Mapping
from ..exceptions import DuplicateJailException, UnknownJailException
from .jail import Jail

3
fail2ban-0.11.2.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:383108e5f8644cefb288537950923b7520f642e7e114efb843f6e7ea9268b1e0
size 559552

11
fail2ban-0.11.2.tar.gz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCAAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAl+8IJUACgkQaDvxvr0K
iCx3lQf+Ko0DK0UCpcyQMD2eAkOSw9gReD8g6CgqubQe76SmJedUC25AX4BhtbnB
lcWnoNP6txHHe4SglEPDqA2QPp05V7NrC0Jv6EHuIqs/tDYQOrPeHfj9zIdo8Xpm
tuvEdJR9642RR7LRZprAMTMkdJG0DSAPeigpuL54GbbXrRMrZk6oe5JXy5kormYb
X26odhekUOWCh7cSSFkOoc5fKeLQZkjRECMo4zr9TMCuG9q+PCokK2ZlUK2k+FKX
Z82pPzxYn3XH9rOhgVPST2nyeZjb4xSMmsVNTO4FXytq/MwpdZW52cAbpgxMESWV
9ziop+UtjS9z+WcsxKZEmpVJHSxk/Q==
=1dk3
-----END PGP SIGNATURE-----

3
fail2ban-1.0.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:62b54679ebae81ac57f32c5e27aba9f2494ec5bafd45a0fd68e7a27fd448e5ac
size 582122

11
fail2ban-1.0.1.tar.gz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAmMzJ4sACgkQaDvxvr0K
iCw69Af8DPa37VGkNRDAOsw7s5YYDQL2Ar8GeCI/NO8TYLfc+KzEvk3b7JfRLEUM
w64O6y8Wsme40O34NhmlRazDeFKgCjCQlogWFN2iOB/VjYC94L2nXJCs1eAgTbIs
KvbKUMOL7mMRZOf5c0EtgnYZQtQgLudN2Yv0qY/oFgic8klH34VLntSfAFs0acFJ
c+RXobtVpKeQCs6aCooR13IGO8Oy0Tk8DpVfkoKtKNll2rPAoL9OuS0cTSEqSIRJ
lxez7fd9ngkw4ORXii1eNXlJ4ubwBB/xqK/1B8zHwRxnB6XLDXeF4GkOzEP3YX2u
Dmx6/AspkotASZK8ngAq40hodoMfig==
=TOG+
-----END PGP SIGNATURE-----

7
fail2ban-disable-iptables-w-option.patch
View File

@ -1,7 +1,6 @@
diff -ur fail2ban-0.9.3-orig/config/action.d/iptables-common.conf fail2ban-0.9.3/config/action.d/iptables-common.conf
--- fail2ban-0.9.3-orig/config/action.d/iptables-common.conf 2015-08-01 03:32:13.000000000 +0200
+++ fail2ban-0.9.3/config/action.d/iptables-common.conf 2015-08-26 13:35:33.542992089 +0200
@@ -55,8 +55,10 @@
--- fail2ban-1.0.1/config/action.d/iptables.conf.orig 2022-10-12 11:35:25.789327341 +0200
+++ fail2ban-1.0.1/config/action.d/iptables.conf 2022-10-12 11:35:40.585449861 +0200
@@ -138,8 +138,10 @@
# running concurrently and causing irratic behavior. -w was introduced
# in iptables 1.4.20, so might be absent on older systems
# See https://github.com/fail2ban/fail2ban/issues/1122

24
fail2ban-opensuse-locations.patch
View File

@ -1,7 +1,8 @@
diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
--- fail2ban-0.11.2-orig/config/jail.conf 2020-11-23 21:43:03.000000000 +0100
+++ fail2ban-0.11.2/config/jail.conf 2020-11-29 10:14:13.229200191 +0100
@@ -731,7 +731,7 @@
Index: fail2ban-1.0.1/config/jail.conf
===================================================================
--- fail2ban-1.0.1.orig/config/jail.conf
+++ fail2ban-1.0.1/config/jail.conf
@@ -731,7 +731,7 @@ backend = %(syslog_backend)s
# filter = named-refused
# port = domain,953
# protocol = udp
@ -10,7 +11,7 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
# IMPORTANT: see filter.d/named-refused for instructions to enable logging
# This jail blocks TCP traffic for DNS requests.
@@ -739,7 +739,7 @@
@@ -739,7 +739,7 @@ backend = %(syslog_backend)s
[named-refused]
port = domain,953
@ -19,16 +20,13 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf
[nsd]
Nur in fail2ban-0.11.2/config: jail.conf.orig.
diff -ur fail2ban-0.11.2-orig/config/paths-common.conf fail2ban-0.11.2/config/paths-common.conf
--- fail2ban-0.11.2-orig/config/paths-common.conf 2020-11-23 21:43:03.000000000 +0100
+++ fail2ban-0.11.2/config/paths-common.conf 2020-11-29 10:14:13.237200352 +0100
@@ -90,7 +90,7 @@
Index: fail2ban-1.0.1/config/paths-common.conf
===================================================================
--- fail2ban-1.0.1.orig/config/paths-common.conf
+++ fail2ban-1.0.1/config/paths-common.conf
@@ -90,4 +90,4 @@ solidpop3d_log = %(syslog_local0)s
mysql_log = %(syslog_daemon)s
mysql_backend = %(default_backend)s
-roundcube_errors_log = /var/log/roundcube/errors
+roundcube_errors_log = /srv/www/roundcubemail/logs/errors
# Directory with ignorecommand scripts
ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands

3
fail2ban-rpmlintrc
View File

@ -1,3 +0,0 @@
addFilter("W: htaccess-file .*tests.*")
addFilter("W: hidden-file-or-dir .*tests.*")
addFilter("W: no-manual-page-for-binary fail2ban-testcases")

10
fail2ban.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Wed Oct 12 08:11:52 UTC 2022 - Paolo Stivanin <info@paolostivanin.com>
- Update to 1.0.1:
* https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog
- Remove fail2ban-0.11.2-upstream-patch-python-3.9.patch.
- Remove fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch.
- Remove fail2ban-rpmlintrc since it's no longer needed.
- Add fail2ban.keyring.
-------------------------------------------------------------------
Sat Jan 22 11:17:48 UTC 2022 - Arjen de Korte <suse+build@de-korte.org>

29
fail2ban.keyring Normal file
View File

@ -0,0 +1,29 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBFeHbzIBCACWgr54J4t2fpI7EIrMTqso5kqPRTSY7eO2T0965JW6Zl4C0HZT
Wz+9c5aGlKeotf4Fv7zOhpUwULFSGAq3tVbxAxW9++LAXPGad6uE4aPsXoQ6+0RV
lJozNclURRal46vz3uuGLiSJ5+VQ1WD1sFLuw2/bMzE4GFR0z4w4UOc3ufAQ3obC
i5szSy5JWtCsmvCdNlhXTxa66aUddN8/8IHJSB6QZabGEcG4WfsfhUiH38KUuqrO
hYvT9ROY74pwSsHuWEzVRE00eJB4uxngsKHAGMYhkNxdKCG7Blu2IbJRcBE8QAs3
BGqJR8FBify86COZYUZ7CuAyLyo1U6BZd7ohABEBAAG0KVNlcmcgRy4gQnJlc3Rl
ciAoc2VicmVzKSA8aW5mb0BzZWJyZXMuZGU+iQE4BBMBAgAiBQJXh28yAhsDBgsJ
CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBoO/G+vQqILMThB/0YUr7Y+urJChgm
NG9exjjmTayoNb+XiMR5T2+A919NrKulEaH2mb51B7XBmFuCj8x5O1wA3xYo7B6h
RVuNyb2eI3+bRD33QsKcs6NsgK/I1xLD15NrEftPckWqYypR6//u9Tmz5o9n9+/n
2dH7SU7UPW468/bRUhFp+SQ70B0XLdyDgGLEN9TNsAvnEi30Vtjbia4Lp/NXYRkq
GEzvpgZ7Dt9YhT+qdSs6AwyN0ZhnvX+zqXi+Q18xlbnuq2ZZkwK8Es/HdEDu2HNJ
3nn3l15pyMe/OxYhg646NcqGR6j1rEZ7jXyN2i5sEdspXfwv0lGtLr7ANElWqOvX
XYBAspRvuQENBFeHbzIBCACyCMv4CQ+blzj53ZLPyBMnj38oQ7bbpAtDThfB8hEZ
uk6Kmo799Zo2rLG2iqvy8SEuN/bLQKyzFTiB4UYWvRxne792N0nWLU24/bd7j/Gh
Q4EHUhs38WRSYtu93XCKzvyzn5s3504luOBF6czNrLeDfWXGVGosBsBoASY7de7a
kiXb7a28dNDSG0JaR+QwONjmde9hAzqOX0iOYHvJeu68UKaUp4IrJ+nTMHFhwUbf
awCmz+NPPrm360j4BuvYSWhS06tM7c6+gfvXHOTtJ5TEGbrm+I8d2q7nhxg3nku6
7qnddkW2OS8EQVlw7XFox929mTLzw0MEmjqmSRTx2Qk3ABEBAAGJAR8EGAECAAkF
AleHbzICGwwACgkQaDvxvr0KiCwdxQf7BM7jo6v7uU7324ZkLQmtZndcXnXZMbSw
2pDzR2h01Vx7dHppzNOkyv8DvUWttwaMaTU57cdzThTkQPk8Lx8sCvi40RmWS2vs
IArgTS1HNStprPUg4sk99JOZg2y4LBqkLUxZveDsH+rXdFA/fp8048/M4ss6qj4O
ySe4crABbbv5yRADBJZt4LQdFoNGEpSaOtcxJmwJ7hrV+wQhVMm9m+/JpgzNT4rb
muPgveqzmSiTGJ6Yy2bEKyY0dCyPuWbWWPt4mCcT+9emZC1O8EjST0i9f9EUUU6c
6UCy7zi5EQ9CVv1Dlz1qefm/5/iFAAFQ5DtYC3cwDq8CqgqzoHMtNg==
=vqSW
-----END PGP PUBLIC KEY BLOCK-----

11
fail2ban.spec
View File

@ -22,7 +22,7 @@
%define _fillupdir %{_localstatedir}/adm/fillup-templates
%endif
Name: fail2ban
Version: 0.11.2
Version: 1.0.1
Release: 0
Summary: Bans IP addresses that make too many authentication failures
License: GPL-2.0-or-later
@ -37,8 +37,7 @@ Source6: sfw-fail2ban.conf
Source7: f2b-restart.conf
# Path definitions have been submitted to upstream
Source8: paths-opensuse.conf
# ignore some rpm-lint messages
Source200: %{name}-rpmlintrc
Source200: fail2ban.keyring
# PATCH-FIX-OPENSUSE fail2ban-opensuse-locations.patch bnc#878028 jweberhofer@weberhofer.at -- update default locations for logfiles
Patch100: %{name}-opensuse-locations.patch
# PATCH-FIX-OPENSUSE fail2ban-opensuse-service.patch jweberhofer@weberhofer.at -- openSUSE modifications to the service file
@ -51,10 +50,6 @@ Patch201: %{name}-0.10.4-env-script-interpreter.patch
Patch300: fail2ban-opensuse-service-sfw.patch
# PATCH-FEATURE-OPENSUSE harden_fail2ban.service.patch jsegitz@suse.com -- Added hardening to systemd service(s) bsc#1181400
Patch301: harden_fail2ban.service.patch
# PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch jweberhofer@weberhofer.at -- fixes CVE-2021-32749
Patch400: fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch
# PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-python-3.9.patch jweberhofer@weberhofer.at -- allow running under python 3.9+
Patch401: fail2ban-0.11.2-upstream-patch-python-3.9.patch
BuildRequires: fdupes
BuildRequires: logrotate
@ -142,8 +137,6 @@ sed -i -e 's/^before = paths-.*/before = paths-opensuse.conf/' config/jail.conf
%patch300 -p1
%endif
%patch301 -p1
%patch400 -p1
%patch401 -p1
rm config/paths-arch.conf \
config/paths-debian.conf \