fail2ban-0.8.8-1.el6 security update
Status: stable
Release: Fedora EPEL 6
Update ID: FEDORA-EPEL-2012-13786
Builds: fail2ban-0.8.8-1.el6 (logs)
Pushed: True
Date Submitted: 2012-12-17 22:28:08
Date Released: 2012-12-18 00:31:31
Submitter: orion
Karma: 0
Details

Update to 0.8.8 (CVE-2012-5642 Bug #887914)

  • Fixes:

    Alan Jenkins
      * [8c38907] Removed 'POSSIBLE BREAK-IN ATTEMPT' from sshd filter to avoid banning due to misconfigured DNS. Close gh-64
    Yaroslav Halchenko
      * [83109bc] IMPORTANT: escape the content of <matches> (if used in custom action files) since its value could contain arbitrary symbols. Thanks for discovery go to the NBS System security team
      * [b159eab] do not enable pyinotify backend if pyinotify < 0.8.3
      * [37a2e59] store IP as a base, non-unicode str to avoid spurious messages in the console. Close gh-91

  • New features:

    David Engeset
      * [2d672d1,6288ec2] 'unbanip' command for the client + avoidance of touching the log file to take 'banip' or 'unbanip' in effect. Close gh-81, gh-86

  • Enhancements:

    Yaroslav Halchenko
      * [2d66f31] replaced uninformative "Invalid command" message with warning log exception why command actually failed

      * [958a1b0] improved failregex to "support" auth.backend = "htdigest"
      * [9e7a3b7] until we make it proper module -- adjusted sys.path only if system-wide run
      * [f52ba99] downgraded "already banned" from WARN to INFO level. Closes gh-79
      * [f105379] added hints into the log on some failure return codes (e.g. 0x7f00 for this gh-87)
      * Various others: travis-ci integration, script to run tests against all available Python versions, etc
Bugs Fixed
887914 - CVE-2012-5642: fail2ban: does not escape the content of <matches>
887916 - fail2ban: does not escape the content of <matches> [epel-all]
Feedback
bodhi - 2012-12-17 22:28:40
This update has been submitted for testing by orion.
bodhi - 2012-12-17 23:33:55
This update is currently being pushed to the Fedora EPEL 6 testing updates repository.
bodhi - 2012-12-18 01:19:09
This update has been pushed to testing
bodhi - 2013-01-01 10:06:00
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2013-01-02 16:57:22
This update has been submitted for stable by orion.
bodhi - 2013-01-02 17:25:31
This update is currently being pushed to the Fedora EPEL 6 stable updates repository.
bodhi - 2013-01-02 19:09:38
This update has been pushed to stable