Accepting request 207466 from home:weberho:branches:security

Update to version 0.8.11 OBS-URL: https://build.opensuse.org/request/show/207466 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=37
2013-11-18 13:43:25 +00:00 · 2013-11-18 13:43:25 +00:00 · 28eccb4d5e
commit 28eccb4d5e
parent afdd4dcfb1
4 changed files with 22 additions and 6 deletions
--- a/fail2ban-0.8.10.tar.gz
+++ b/fail2ban-0.8.10.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:03efc63157e6f11449bf95614906e5dc96622561d2b72f32f155f424563780b3
-size 161914
--- a/fail2ban-0.8.11.tar.bz2
+++ b/fail2ban-0.8.11.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d8fa2bd1b106b65ad2bffd41c191f80a97bc3e9456b192d1714c4ee023af5e32
+size 156411
--- a/fail2ban.changes
+++ b/fail2ban.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Thu Nov 14 05:14:35 UTC 2013 - jweberhofer@weberhofer.at
+
+- Update to version 0.8.11
+
+- In light of CVE-2013-2178 that triggered our last release we have put a
+  significant effort into tightening all of the regexs of our filters to avoid
+  another similar vulnerability. We haven't examined all of these for a potential
+  DoS scenario however it is possible that another DoS vulnerability exists that
+  is fixed by this release. A large number of filters have been updated to
+  include more failure regexs supporting previously unbanned failures and support
+  newer application versions too. We have test cases for most of these now
+  however if you have other examples that demonstrate that a filter is
+  insufficient we welcome your feedback. During the tightening of the regexs to
+  avoid DoS vulnerabilities there is the possibility that we have inadvertently,
+  despite our best intentions, incorrectly allowed a failure to continue.
+
 -------------------------------------------------------------------
 Sat Sep 21 11:38:29 UTC 2013 - schuetzm@gmx.net

--- a/fail2ban.spec
+++ b/fail2ban.spec
@ -35,7 +35,7 @@ BuildRequires:  systemd
 BuildRequires:  logrotate
 BuildRequires:  python-devel
 PreReq:         %fillup_prereq
-Version:        0.8.10
+Version:        0.8.11
 Release:        0
 Url:            http://www.fail2ban.org/
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@ -43,8 +43,7 @@ BuildArch:      noarch
 Summary:        Bans IP addresses that make too many authentication failures
 License:        GPL-2.0+
 Group:          Productivity/Networking/Security
-#URL            https://codeload.github.com/fail2ban/fail2ban/tar.gz/0.8.9
-Source0:        %{name}-%{version}.tar.gz
+Source0:        https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2
 %if 0%{?suse_version} < 1230
 Source1:        %{name}.init
 %endif