Accepting request 415421 from home:weberho:branches:security

Update to version 0.9.5 OBS-URL: https://build.opensuse.org/request/show/415421 OBS-URL: https://build.opensuse.org/package/show/security/fail2ban?expand=0&rev=73
2016-07-27 18:00:37 +00:00
parent 9ffc83a177
commit ef72158bf2
4 changed files with 58 additions and 4 deletions
--- a/fail2ban.changes
+++ b/fail2ban.changes
@@ -1,3 +1,57 @@
+-------------------------------------------------------------------
+Mon Jul 25 13:43:18 UTC 2016 - jweberhofer@weberhofer.at
+
+- Update to version 0.9.5
+
+  New Features
+    * New Actions: action.d/firewallcmd-rich-rules and 
+      action.d/firewallcmd-rich-logging (gh#fail2ban/fail2ban#1367)
+    * New filter: slapd - ban hosts, that were failed to connect with invalid
+      credentials: error code 49 (gh#fail2ban/fail2ban#1478)
+
+  Enhancements
+    * Extreme speedup of all sqlite database operations
+        (gh#fail2ban/fail2ban#1436), by using of following sqlite options:
+      - (synchronous = OFF) write data through OS without syncing
+      - (journal_mode = MEMORY) use memory for the transaction logging
+      - (temp_store = MEMORY) temporary tables and indices are kept in memory
+    * journald journalmatch for pure-ftpd (gh#fail2ban/fail2ban#1362)
+    * Added additional regex filter for dovecot ldap authentication 
+      failures (gh#fail2ban/fail2ban#1370)
+    * filter.d/exim*conf
+      - Added additional regexes (gh#fail2ban/fail2ban#1371)
+      - Made port entry optional
+
+  Fixes
+  * filter.d/monit.conf
+    - Extended failregex with new monit "access denied" version
+      (gh#fail2ban/fail2ban#1355)
+    - failregex of previous monit version merged as single expression
+  * filter.d/postfix.conf, filter.d/postfix-sasl.conf
+    - Extended failregex daemon part, matching also postfix/smtps/smtpd now
+      (gh#fail2ban/fail2ban#1391)
+
+  * Fixed a grave bug within tags substitutions because of incorrect detection
+    of recursion in case of multiple inline substitutions of the same tag
+    (affected actions: bsd-ipfw, etc). Now tracks the actual list of the
+    already substituted tags (per tag instead of single list)
+
+  * filter.d/common.conf
+    - Unexpected extra regex-space in generic __prefix_line
+     (gh#fail2ban/fail2ban#1405)
+    - All optional spaces normalized in common.conf, test covered now
+    - Generic __prefix_line extended with optional brackets for the date ambit
+      (gh#fail2ban/fail2ban#1421), added new parameter __date_ambit 
+
+  * gentoo-initd fixed --pidfile bug: --pidfile is option of start-stop-daemon,
+    not argument of fail2ban (see gh#fail2ban/fail2ban#1434)
+
+  * filter.d/asterisk.conf
+    - Fixed security log support for PJSIP and Asterisk 13+
+      (gh#fail2ban/fail2ban#1456)
+    - Improved log support for PJSIP and Asterisk 13+ with different callID
+      (gh#fail2ban/fail2ban#1458)
+
 -------------------------------------------------------------------
 Thu Mar 10 14:09:51 UTC 2016 - jweberhofer@weberhofer.at