From 974194c817ba186cea04bd08298224992a34f5cb654fd88dc583710a870bff18 Mon Sep 17 00:00:00 2001 From: Arjen de Korte Date: Wed, 12 Oct 2022 14:29:51 +0000 Subject: [PATCH] Accepting request 1010250 from home:polslinux:branches:security - Update to 1.0.1: * https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog - Remove fail2ban-0.11.2-upstream-patch-python-3.9.patch. - Remove fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch. - Remove fail2ban-rpmlintrc since it's no longer needed. - Add fail2ban.keyring. OBS-URL: https://build.opensuse.org/request/show/1010250 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=112 --- ....2-upstream-patch-for-CVE-2021-32749.patch | 155 ------------------ ...ban-0.11.2-upstream-patch-python-3.9.patch | 103 ------------ fail2ban-0.11.2.tar.gz | 3 - fail2ban-0.11.2.tar.gz.asc | 11 -- fail2ban-1.0.1.tar.gz | 3 + fail2ban-1.0.1.tar.gz.asc | 11 ++ fail2ban-disable-iptables-w-option.patch | 7 +- fail2ban-opensuse-locations.patch | 24 ++- fail2ban-rpmlintrc | 3 - fail2ban.changes | 10 ++ fail2ban.keyring | 29 ++++ fail2ban.spec | 11 +- 12 files changed, 69 insertions(+), 301 deletions(-) delete mode 100644 fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch delete mode 100644 fail2ban-0.11.2-upstream-patch-python-3.9.patch delete mode 100644 fail2ban-0.11.2.tar.gz delete mode 100644 fail2ban-0.11.2.tar.gz.asc create mode 100644 fail2ban-1.0.1.tar.gz create mode 100644 fail2ban-1.0.1.tar.gz.asc delete mode 100644 fail2ban-rpmlintrc create mode 100644 fail2ban.keyring diff --git a/fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch b/fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch deleted file mode 100644 index 45604b0..0000000 --- a/fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch +++ /dev/null @@ -1,155 +0,0 @@ -From 410a6ce5c80dd981c22752da034f2529b5eee844 Mon Sep 17 00:00:00 2001 -From: sebres -Date: Mon, 21 Jun 2021 17:12:53 +0200 -Subject: [PATCH] fixed possible RCE vulnerability, unset escape variable - (default tilde) stops consider "~" char after new-line as composing escape - sequence - ---- - config/action.d/complain.conf | 2 +- - config/action.d/dshield.conf | 2 +- - config/action.d/mail-buffered.conf | 8 ++++---- - config/action.d/mail-whois-lines.conf | 2 +- - config/action.d/mail-whois.conf | 6 +++--- - config/action.d/mail.conf | 6 +++--- - 6 files changed, 13 insertions(+), 13 deletions(-) - -diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf -index 3a5f882c9f..4d73b05859 100644 ---- a/config/action.d/complain.conf -+++ b/config/action.d/complain.conf -@@ -102,7 +102,7 @@ logpath = /dev/null - # Notes.: Your system mail command. Is passed 2 args: subject and recipient - # Values: CMD - # --mailcmd = mail -s -+mailcmd = mail -E 'set escape' -s - - # Option: mailargs - # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: -diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf -index c128bef348..3d5a7a53a9 100644 ---- a/config/action.d/dshield.conf -+++ b/config/action.d/dshield.conf -@@ -179,7 +179,7 @@ tcpflags = - # Notes.: Your system mail command. Is passed 2 args: subject and recipient - # Values: CMD - # --mailcmd = mail -s -+mailcmd = mail -E 'set escape' -s - - # Option: mailargs - # Notes.: Additional arguments to mail command. e.g. for standard Unix mail: -diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf -index 325f185b2f..79b841049c 100644 ---- a/config/action.d/mail-buffered.conf -+++ b/config/action.d/mail-buffered.conf -@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n - The jail has been started successfully.\n - Output will be buffered until lines are available.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : started on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : started on " - - # Option: actionstop - # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -@@ -28,13 +28,13 @@ actionstop = if [ -f ]; then - These hosts have been banned by Fail2Ban.\n - `cat ` - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : Summary from " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : Summary from " - rm - fi - printf %%b "Hi,\n - The jail has been stopped.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : stopped on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : stopped on " - - # Option: actioncheck - # Notes.: command executed once before each actionban command -@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: ( failures)\n" >> - These hosts have been banned by Fail2Ban.\n - `cat ` - \nRegards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : Summary" -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : Summary" - rm - fi - -diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf -index 3a3e56b2c7..d2818cb9b9 100644 ---- a/config/action.d/mail-whois-lines.conf -+++ b/config/action.d/mail-whois-lines.conf -@@ -72,7 +72,7 @@ actionunban = - # Notes.: Your system mail command. Is passed 2 args: subject and recipient - # Values: CMD - # --mailcmd = mail -s -+mailcmd = mail -E 'set escape' -s - - # Default name of the chain - # -diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf -index 7fea34c40d..ab33b616dc 100644 ---- a/config/action.d/mail-whois.conf -+++ b/config/action.d/mail-whois.conf -@@ -20,7 +20,7 @@ norestored = 1 - actionstart = printf %%b "Hi,\n - The jail has been started successfully.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : started on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : started on " - - # Option: actionstop - # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n - actionstop = printf %%b "Hi,\n - The jail has been stopped.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : stopped on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : stopped on " - - # Option: actioncheck - # Notes.: command executed once before each actionban command -@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n - Here is more information about :\n - `%(_whois_command)s`\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : banned from " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : banned from " - - # Option: actionunban - # Notes.: command executed when unbanning an IP. Take care that the -diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf -index 5d8c0e154c..f4838ddcb6 100644 ---- a/config/action.d/mail.conf -+++ b/config/action.d/mail.conf -@@ -16,7 +16,7 @@ norestored = 1 - actionstart = printf %%b "Hi,\n - The jail has been started successfully.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : started on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : started on " - - # Option: actionstop - # Notes.: command executed at the stop of jail (or at the end of Fail2Ban) -@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n - actionstop = printf %%b "Hi,\n - The jail has been stopped.\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : stopped on " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : stopped on " - - # Option: actioncheck - # Notes.: command executed once before each actionban command -@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n - The IP has just been banned by Fail2Ban after - attempts against .\n - Regards,\n -- Fail2Ban"|mail -s "[Fail2Ban] : banned from " -+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] : banned from " - - # Option: actionunban - # Notes.: command executed when unbanning an IP. Take care that the diff --git a/fail2ban-0.11.2-upstream-patch-python-3.9.patch b/fail2ban-0.11.2-upstream-patch-python-3.9.patch deleted file mode 100644 index 0ce8224..0000000 --- a/fail2ban-0.11.2-upstream-patch-python-3.9.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 8ae9208454e426aa87b96ba5df26036c4ae5cefd Mon Sep 17 00:00:00 2001 -From: "Sergey G. Brester" -Date: Mon, 8 Feb 2021 16:44:27 +0100 -Subject: [PATCH 1/4] try to provide coverage for 3.10-alpha.5 (#2931) - ---- - .github/workflows/main.yml | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml -index 7a1d31df3d..262448c2da 100644 ---- a/.github/workflows/main.yml -+++ b/.github/workflows/main.yml -@@ -22,7 +22,7 @@ jobs: - runs-on: ubuntu-20.04 - strategy: - matrix: -- python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, pypy2, pypy3] -+ python-version: [2.7, 3.5, 3.6, 3.7, 3.8, 3.9, '3.10.0-alpha.5', pypy2, pypy3] - fail-fast: false - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - -From 2b6bb2c1bed8f7009631e8f8c306fa3160324a49 Mon Sep 17 00:00:00 2001 -From: "Sergey G. Brester" -Date: Mon, 8 Feb 2021 17:19:24 +0100 -Subject: [PATCH 2/4] follow bpo-37324: - :ref:`collections-abstract-base-classes` moved to the :mod:`collections.abc` - module - -(since 3.10-alpha.5 `MutableMapping` is missing in collections module) ---- - fail2ban/server/action.py | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/fail2ban/server/action.py b/fail2ban/server/action.py -index 3bc48fe046..f0f1e6f59a 100644 ---- a/fail2ban/server/action.py -+++ b/fail2ban/server/action.py -@@ -30,7 +30,10 @@ - import threading - import time - from abc import ABCMeta --from collections import MutableMapping -+try: -+ from collections.abc import MutableMapping -+except ImportError: -+ from collections import MutableMapping - - from .failregex import mapTag2Opt - from .ipdns import DNSUtils - -From 42dee38ad2ac5c3f23bdf297d824022923270dd9 Mon Sep 17 00:00:00 2001 -From: "Sergey G. Brester" -Date: Mon, 8 Feb 2021 17:25:45 +0100 -Subject: [PATCH 3/4] amend for `Mapping` - ---- - fail2ban/server/actions.py | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/fail2ban/server/actions.py b/fail2ban/server/actions.py -index b7b95b445a..897d907c1a 100644 ---- a/fail2ban/server/actions.py -+++ b/fail2ban/server/actions.py -@@ -28,7 +28,10 @@ - import os - import sys - import time --from collections import Mapping -+try: -+ from collections.abc import Mapping -+except ImportError: -+ from collections import Mapping - try: - from collections import OrderedDict - except ImportError: - -From 9f1d1f4fbd0804695a976beb191f2c49a2739834 Mon Sep 17 00:00:00 2001 -From: "Sergey G. Brester" -Date: Mon, 8 Feb 2021 17:35:59 +0100 -Subject: [PATCH 4/4] amend for `Mapping` (jails) - ---- - fail2ban/server/jails.py | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/fail2ban/server/jails.py b/fail2ban/server/jails.py -index 972a8c4bd2..27e12ddf65 100644 ---- a/fail2ban/server/jails.py -+++ b/fail2ban/server/jails.py -@@ -22,7 +22,10 @@ - __license__ = "GPL" - - from threading import Lock --from collections import Mapping -+try: -+ from collections.abc import Mapping -+except ImportError: -+ from collections import Mapping - - from ..exceptions import DuplicateJailException, UnknownJailException - from .jail import Jail diff --git a/fail2ban-0.11.2.tar.gz b/fail2ban-0.11.2.tar.gz deleted file mode 100644 index 71d95fc..0000000 --- a/fail2ban-0.11.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:383108e5f8644cefb288537950923b7520f642e7e114efb843f6e7ea9268b1e0 -size 559552 diff --git a/fail2ban-0.11.2.tar.gz.asc b/fail2ban-0.11.2.tar.gz.asc deleted file mode 100644 index d974e80..0000000 --- a/fail2ban-0.11.2.tar.gz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCAAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAl+8IJUACgkQaDvxvr0K -iCx3lQf+Ko0DK0UCpcyQMD2eAkOSw9gReD8g6CgqubQe76SmJedUC25AX4BhtbnB -lcWnoNP6txHHe4SglEPDqA2QPp05V7NrC0Jv6EHuIqs/tDYQOrPeHfj9zIdo8Xpm -tuvEdJR9642RR7LRZprAMTMkdJG0DSAPeigpuL54GbbXrRMrZk6oe5JXy5kormYb -X26odhekUOWCh7cSSFkOoc5fKeLQZkjRECMo4zr9TMCuG9q+PCokK2ZlUK2k+FKX -Z82pPzxYn3XH9rOhgVPST2nyeZjb4xSMmsVNTO4FXytq/MwpdZW52cAbpgxMESWV -9ziop+UtjS9z+WcsxKZEmpVJHSxk/Q== -=1dk3 ------END PGP SIGNATURE----- diff --git a/fail2ban-1.0.1.tar.gz b/fail2ban-1.0.1.tar.gz new file mode 100644 index 0000000..8377b33 --- /dev/null +++ b/fail2ban-1.0.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:62b54679ebae81ac57f32c5e27aba9f2494ec5bafd45a0fd68e7a27fd448e5ac +size 582122 diff --git a/fail2ban-1.0.1.tar.gz.asc b/fail2ban-1.0.1.tar.gz.asc new file mode 100644 index 0000000..d9905c7 --- /dev/null +++ b/fail2ban-1.0.1.tar.gz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEEhzhVnib2cd+eLG2eaDvxvr0KiCwFAmMzJ4sACgkQaDvxvr0K +iCw69Af8DPa37VGkNRDAOsw7s5YYDQL2Ar8GeCI/NO8TYLfc+KzEvk3b7JfRLEUM +w64O6y8Wsme40O34NhmlRazDeFKgCjCQlogWFN2iOB/VjYC94L2nXJCs1eAgTbIs +KvbKUMOL7mMRZOf5c0EtgnYZQtQgLudN2Yv0qY/oFgic8klH34VLntSfAFs0acFJ +c+RXobtVpKeQCs6aCooR13IGO8Oy0Tk8DpVfkoKtKNll2rPAoL9OuS0cTSEqSIRJ +lxez7fd9ngkw4ORXii1eNXlJ4ubwBB/xqK/1B8zHwRxnB6XLDXeF4GkOzEP3YX2u +Dmx6/AspkotASZK8ngAq40hodoMfig== +=TOG+ +-----END PGP SIGNATURE----- diff --git a/fail2ban-disable-iptables-w-option.patch b/fail2ban-disable-iptables-w-option.patch index cc1afb4..19c65d5 100644 --- a/fail2ban-disable-iptables-w-option.patch +++ b/fail2ban-disable-iptables-w-option.patch @@ -1,7 +1,6 @@ -diff -ur fail2ban-0.9.3-orig/config/action.d/iptables-common.conf fail2ban-0.9.3/config/action.d/iptables-common.conf ---- fail2ban-0.9.3-orig/config/action.d/iptables-common.conf 2015-08-01 03:32:13.000000000 +0200 -+++ fail2ban-0.9.3/config/action.d/iptables-common.conf 2015-08-26 13:35:33.542992089 +0200 -@@ -55,8 +55,10 @@ +--- fail2ban-1.0.1/config/action.d/iptables.conf.orig 2022-10-12 11:35:25.789327341 +0200 ++++ fail2ban-1.0.1/config/action.d/iptables.conf 2022-10-12 11:35:40.585449861 +0200 +@@ -138,8 +138,10 @@ # running concurrently and causing irratic behavior. -w was introduced # in iptables 1.4.20, so might be absent on older systems # See https://github.com/fail2ban/fail2ban/issues/1122 diff --git a/fail2ban-opensuse-locations.patch b/fail2ban-opensuse-locations.patch index a6488a1..e0dfbd6 100644 --- a/fail2ban-opensuse-locations.patch +++ b/fail2ban-opensuse-locations.patch @@ -1,7 +1,8 @@ -diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf ---- fail2ban-0.11.2-orig/config/jail.conf 2020-11-23 21:43:03.000000000 +0100 -+++ fail2ban-0.11.2/config/jail.conf 2020-11-29 10:14:13.229200191 +0100 -@@ -731,7 +731,7 @@ +Index: fail2ban-1.0.1/config/jail.conf +=================================================================== +--- fail2ban-1.0.1.orig/config/jail.conf ++++ fail2ban-1.0.1/config/jail.conf +@@ -731,7 +731,7 @@ backend = %(syslog_backend)s # filter = named-refused # port = domain,953 # protocol = udp @@ -10,7 +11,7 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf # IMPORTANT: see filter.d/named-refused for instructions to enable logging # This jail blocks TCP traffic for DNS requests. -@@ -739,7 +739,7 @@ +@@ -739,7 +739,7 @@ backend = %(syslog_backend)s [named-refused] port = domain,953 @@ -19,16 +20,13 @@ diff -ur fail2ban-0.11.2-orig/config/jail.conf fail2ban-0.11.2/config/jail.conf [nsd] -Nur in fail2ban-0.11.2/config: jail.conf.orig. -diff -ur fail2ban-0.11.2-orig/config/paths-common.conf fail2ban-0.11.2/config/paths-common.conf ---- fail2ban-0.11.2-orig/config/paths-common.conf 2020-11-23 21:43:03.000000000 +0100 -+++ fail2ban-0.11.2/config/paths-common.conf 2020-11-29 10:14:13.237200352 +0100 -@@ -90,7 +90,7 @@ +Index: fail2ban-1.0.1/config/paths-common.conf +=================================================================== +--- fail2ban-1.0.1.orig/config/paths-common.conf ++++ fail2ban-1.0.1/config/paths-common.conf +@@ -90,4 +90,4 @@ solidpop3d_log = %(syslog_local0)s mysql_log = %(syslog_daemon)s mysql_backend = %(default_backend)s -roundcube_errors_log = /var/log/roundcube/errors +roundcube_errors_log = /srv/www/roundcubemail/logs/errors - - # Directory with ignorecommand scripts - ignorecommands_dir = /etc/fail2ban/filter.d/ignorecommands diff --git a/fail2ban-rpmlintrc b/fail2ban-rpmlintrc deleted file mode 100644 index 8995e09..0000000 --- a/fail2ban-rpmlintrc +++ /dev/null @@ -1,3 +0,0 @@ -addFilter("W: htaccess-file .*tests.*") -addFilter("W: hidden-file-or-dir .*tests.*") -addFilter("W: no-manual-page-for-binary fail2ban-testcases") diff --git a/fail2ban.changes b/fail2ban.changes index f53daf7..4625c1b 100644 --- a/fail2ban.changes +++ b/fail2ban.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Wed Oct 12 08:11:52 UTC 2022 - Paolo Stivanin + +- Update to 1.0.1: + * https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog +- Remove fail2ban-0.11.2-upstream-patch-python-3.9.patch. +- Remove fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch. +- Remove fail2ban-rpmlintrc since it's no longer needed. +- Add fail2ban.keyring. + ------------------------------------------------------------------- Sat Jan 22 11:17:48 UTC 2022 - Arjen de Korte diff --git a/fail2ban.keyring b/fail2ban.keyring new file mode 100644 index 0000000..7fcf831 --- /dev/null +++ b/fail2ban.keyring @@ -0,0 +1,29 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFeHbzIBCACWgr54J4t2fpI7EIrMTqso5kqPRTSY7eO2T0965JW6Zl4C0HZT +Wz+9c5aGlKeotf4Fv7zOhpUwULFSGAq3tVbxAxW9++LAXPGad6uE4aPsXoQ6+0RV +lJozNclURRal46vz3uuGLiSJ5+VQ1WD1sFLuw2/bMzE4GFR0z4w4UOc3ufAQ3obC +i5szSy5JWtCsmvCdNlhXTxa66aUddN8/8IHJSB6QZabGEcG4WfsfhUiH38KUuqrO +hYvT9ROY74pwSsHuWEzVRE00eJB4uxngsKHAGMYhkNxdKCG7Blu2IbJRcBE8QAs3 +BGqJR8FBify86COZYUZ7CuAyLyo1U6BZd7ohABEBAAG0KVNlcmcgRy4gQnJlc3Rl +ciAoc2VicmVzKSA8aW5mb0BzZWJyZXMuZGU+iQE4BBMBAgAiBQJXh28yAhsDBgsJ +CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBoO/G+vQqILMThB/0YUr7Y+urJChgm +NG9exjjmTayoNb+XiMR5T2+A919NrKulEaH2mb51B7XBmFuCj8x5O1wA3xYo7B6h +RVuNyb2eI3+bRD33QsKcs6NsgK/I1xLD15NrEftPckWqYypR6//u9Tmz5o9n9+/n +2dH7SU7UPW468/bRUhFp+SQ70B0XLdyDgGLEN9TNsAvnEi30Vtjbia4Lp/NXYRkq +GEzvpgZ7Dt9YhT+qdSs6AwyN0ZhnvX+zqXi+Q18xlbnuq2ZZkwK8Es/HdEDu2HNJ +3nn3l15pyMe/OxYhg646NcqGR6j1rEZ7jXyN2i5sEdspXfwv0lGtLr7ANElWqOvX +XYBAspRvuQENBFeHbzIBCACyCMv4CQ+blzj53ZLPyBMnj38oQ7bbpAtDThfB8hEZ +uk6Kmo799Zo2rLG2iqvy8SEuN/bLQKyzFTiB4UYWvRxne792N0nWLU24/bd7j/Gh +Q4EHUhs38WRSYtu93XCKzvyzn5s3504luOBF6czNrLeDfWXGVGosBsBoASY7de7a +kiXb7a28dNDSG0JaR+QwONjmde9hAzqOX0iOYHvJeu68UKaUp4IrJ+nTMHFhwUbf +awCmz+NPPrm360j4BuvYSWhS06tM7c6+gfvXHOTtJ5TEGbrm+I8d2q7nhxg3nku6 +7qnddkW2OS8EQVlw7XFox929mTLzw0MEmjqmSRTx2Qk3ABEBAAGJAR8EGAECAAkF +AleHbzICGwwACgkQaDvxvr0KiCwdxQf7BM7jo6v7uU7324ZkLQmtZndcXnXZMbSw +2pDzR2h01Vx7dHppzNOkyv8DvUWttwaMaTU57cdzThTkQPk8Lx8sCvi40RmWS2vs +IArgTS1HNStprPUg4sk99JOZg2y4LBqkLUxZveDsH+rXdFA/fp8048/M4ss6qj4O +ySe4crABbbv5yRADBJZt4LQdFoNGEpSaOtcxJmwJ7hrV+wQhVMm9m+/JpgzNT4rb +muPgveqzmSiTGJ6Yy2bEKyY0dCyPuWbWWPt4mCcT+9emZC1O8EjST0i9f9EUUU6c +6UCy7zi5EQ9CVv1Dlz1qefm/5/iFAAFQ5DtYC3cwDq8CqgqzoHMtNg== +=vqSW +-----END PGP PUBLIC KEY BLOCK----- diff --git a/fail2ban.spec b/fail2ban.spec index 40d60ab..f43ece0 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -22,7 +22,7 @@ %define _fillupdir %{_localstatedir}/adm/fillup-templates %endif Name: fail2ban -Version: 0.11.2 +Version: 1.0.1 Release: 0 Summary: Bans IP addresses that make too many authentication failures License: GPL-2.0-or-later @@ -37,8 +37,7 @@ Source6: sfw-fail2ban.conf Source7: f2b-restart.conf # Path definitions have been submitted to upstream Source8: paths-opensuse.conf -# ignore some rpm-lint messages -Source200: %{name}-rpmlintrc +Source200: fail2ban.keyring # PATCH-FIX-OPENSUSE fail2ban-opensuse-locations.patch bnc#878028 jweberhofer@weberhofer.at -- update default locations for logfiles Patch100: %{name}-opensuse-locations.patch # PATCH-FIX-OPENSUSE fail2ban-opensuse-service.patch jweberhofer@weberhofer.at -- openSUSE modifications to the service file @@ -51,10 +50,6 @@ Patch201: %{name}-0.10.4-env-script-interpreter.patch Patch300: fail2ban-opensuse-service-sfw.patch # PATCH-FEATURE-OPENSUSE harden_fail2ban.service.patch jsegitz@suse.com -- Added hardening to systemd service(s) bsc#1181400 Patch301: harden_fail2ban.service.patch -# PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch jweberhofer@weberhofer.at -- fixes CVE-2021-32749 -Patch400: fail2ban-0.11.2-upstream-patch-for-CVE-2021-32749.patch -# PATCH-FIX-UPSTREAM fail2ban-0.11.2-upstream-patch-python-3.9.patch jweberhofer@weberhofer.at -- allow running under python 3.9+ -Patch401: fail2ban-0.11.2-upstream-patch-python-3.9.patch BuildRequires: fdupes BuildRequires: logrotate @@ -142,8 +137,6 @@ sed -i -e 's/^before = paths-.*/before = paths-opensuse.conf/' config/jail.conf %patch300 -p1 %endif %patch301 -p1 -%patch400 -p1 -%patch401 -p1 rm config/paths-arch.conf \ config/paths-debian.conf \