From 28eccb4d5ed5affd7e9bf176ed80f2cae0231d951f0a9476a7710dcfa8be7624 Mon Sep 17 00:00:00 2001 From: Johannes Weberhofer Date: Mon, 18 Nov 2013 13:43:25 +0000 Subject: [PATCH] Accepting request 207466 from home:weberho:branches:security Update to version 0.8.11 OBS-URL: https://build.opensuse.org/request/show/207466 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=37 --- fail2ban-0.8.10.tar.gz | 3 --- fail2ban-0.8.11.tar.bz2 | 3 +++ fail2ban.changes | 17 +++++++++++++++++ fail2ban.spec | 5 ++--- 4 files changed, 22 insertions(+), 6 deletions(-) delete mode 100644 fail2ban-0.8.10.tar.gz create mode 100644 fail2ban-0.8.11.tar.bz2 diff --git a/fail2ban-0.8.10.tar.gz b/fail2ban-0.8.10.tar.gz deleted file mode 100644 index 7a1375d..0000000 --- a/fail2ban-0.8.10.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:03efc63157e6f11449bf95614906e5dc96622561d2b72f32f155f424563780b3 -size 161914 diff --git a/fail2ban-0.8.11.tar.bz2 b/fail2ban-0.8.11.tar.bz2 new file mode 100644 index 0000000..4195d08 --- /dev/null +++ b/fail2ban-0.8.11.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d8fa2bd1b106b65ad2bffd41c191f80a97bc3e9456b192d1714c4ee023af5e32 +size 156411 diff --git a/fail2ban.changes b/fail2ban.changes index 5ba0896..ff2c296 100644 --- a/fail2ban.changes +++ b/fail2ban.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Thu Nov 14 05:14:35 UTC 2013 - jweberhofer@weberhofer.at + +- Update to version 0.8.11 + +- In light of CVE-2013-2178 that triggered our last release we have put a + significant effort into tightening all of the regexs of our filters to avoid + another similar vulnerability. We haven't examined all of these for a potential + DoS scenario however it is possible that another DoS vulnerability exists that + is fixed by this release. A large number of filters have been updated to + include more failure regexs supporting previously unbanned failures and support + newer application versions too. We have test cases for most of these now + however if you have other examples that demonstrate that a filter is + insufficient we welcome your feedback. During the tightening of the regexs to + avoid DoS vulnerabilities there is the possibility that we have inadvertently, + despite our best intentions, incorrectly allowed a failure to continue. + ------------------------------------------------------------------- Sat Sep 21 11:38:29 UTC 2013 - schuetzm@gmx.net diff --git a/fail2ban.spec b/fail2ban.spec index 6c03692..c8835f8 100644 --- a/fail2ban.spec +++ b/fail2ban.spec @@ -35,7 +35,7 @@ BuildRequires: systemd BuildRequires: logrotate BuildRequires: python-devel PreReq: %fillup_prereq -Version: 0.8.10 +Version: 0.8.11 Release: 0 Url: http://www.fail2ban.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -43,8 +43,7 @@ BuildArch: noarch Summary: Bans IP addresses that make too many authentication failures License: GPL-2.0+ Group: Productivity/Networking/Security -#URL https://codeload.github.com/fail2ban/fail2ban/tar.gz/0.8.9 -Source0: %{name}-%{version}.tar.gz +Source0: https://github.com/%{name}/%{name}/releases/download/%{version}/%{name}-%{version}.tar.bz2 %if 0%{?suse_version} < 1230 Source1: %{name}.init %endif