* circumvent SEGFAULT in a python's socket module by
getaddrinfo with disabled IPv6 (gh-3438)
* avoid sporadic error in pyinotify backend if pending file
deleted in other thread, e. g. by flushing logs (gh-3635)
* `action.d/cloudflare-token.conf` - fixes gh-3479, url-encode
args by unban
* `action.d/*ipset*`: make `maxelem` ipset option configurable
through banaction arguments (gh-3564)
* `filter.d/apache-common.conf` - accepts remote besides client
(gh-3622)
* `filter.d/mysqld-auth.conf` - matches also if no suffix in
message (mariadb 10.3 log format, gh-3603)
* `filter.d/nginx-*.conf` - nginx error-log filters extended
with support of journal format (gh-3646)
* `filter.d/postfix.conf`:
- "rejected" rule extended to match "Access denied" too
- avoid double counting ('lost connection after AUTH'
together with message 'disconnect ...', gh-3505)
- add Sender address rejected: Malformed DNS server reply
- add to postfix syslog daemon format (gh-3690)
- change journalmatch postfix, allow sub-units with
postfix@-.service (gh-3692)
* `filter.d/recidive.conf`: support for systemd-journal,
conditional RE depending on logtype (for file or journal,
gh-3693)
* `filter.d/slapd.conf` - filter rewritten for single-line
processing, matches errored result without `text=...`
(gh-3604)
* supports python 3.12 and 3.13 (gh-3487)
OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=122
