LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2007-0621 (fail2ban)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 7 Update: fail2ban-0.8.0-9.fc7


Date:
    	      Thu, 21 Jun 2007 13:07:17 -0700


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-0621
2007-06-21 13:07:14.659284
--------------------------------------------------------------------------------

Name        : fail2ban
Product     : Fedora 7
Version     : 0.8.0
Release     : 9.fc7
Summary     : Ban IPs that make too many password failures
Description :
Fail2ban scans log files like /var/log/pwdfail or
/var/log/apache/error_log and bans IP that makes too many password
failures. It updates firewall rules to reject the IP address.

--------------------------------------------------------------------------------
Update Information:

This update closes a remote log injection bug which could lead to a DOS attack.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Jun 21 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-9
- Fix remote log injection (no CVE assignment yet).
* Sun Jun  3 2007 Axel Thimm <Axel.Thimm@ATrpms.net> - 0.8.0-8
- Also trigger on non-AllowUsers failures (Jonathan Underwood
  <jonathan.underwood@gmail.com>).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #244942
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=244942
--------------------------------------------------------------------------------
Updated packages:

8548e0a069cb036f5096c5b78bdf94b448d5650a fail2ban-0.8.0-9.fc7.noarch.rpm
4c897d1932bd99895a0be849d8aeb8222d7c5e53 fail2ban-0.8.0-9.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds