rpms/fail2ban/F-7 fail2ban-0.8-sshd-filter.diff, 1.1, 1.2 fail2ban.spec, 1.6, 1.7

Thu Jun 21 13:32:40 UTC 2007

Author: athimm

Update of /cvs/extras/rpms/fail2ban/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15900/F-7

Modified Files:
	fail2ban-0.8-sshd-filter.diff fail2ban.spec 
Log Message:
Fix #244942.

fail2ban-0.8-sshd-filter.diff:

Index: fail2ban-0.8-sshd-filter.diff
===================================================================
RCS file: /cvs/extras/rpms/fail2ban/F-7/fail2ban-0.8-sshd-filter.diff,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2

--- fail2ban-0.8-sshd-filter.diff	3 Jun 2007 11:21:44 -0000	1.1
+++ fail2ban-0.8-sshd-filter.diff	21 Jun 2007 13:32:04 -0000	1.2
@@ -1,10 +1,18 @@
---- fail2ban-0.8.0/config/filter.d/sshd.conf.original	2007-05-27 22:44:14.000000000 +0100
-+++ fail2ban-0.8.0/config/filter.d/sshd.conf	2007-05-27 22:44:48.000000000 +0100
-@@ -18,6 +18,7 @@
-             Failed [-/\w]+ for .* from <HOST>
-             ROOT LOGIN REFUSED .* FROM <HOST>
-             [iI](?:llegal|nvalid) user .* from <HOST>
-+            User .* from <HOST> not allowed because not listed in AllowUsers
+--- fail2ban-0.8.0/config/filter.d/sshd.conf.upstream	2007-06-20 11:56:18.000000000 +0100
++++ fail2ban-0.8.0/config/filter.d/sshd.conf	2007-06-20 11:53:36.000000000 +0100
+@@ -14,10 +14,11 @@
+ #          (?:::f{4,6}:)?(?P<host>\S+)
+ # Values:  TEXT
+ #
+-failregex = Authentication failure for .* from <HOST>
+-            Failed [-/\w]+ for .* from <HOST>
+-            ROOT LOGIN REFUSED .* FROM <HOST>
+-            [iI](?:llegal|nvalid) user .* from <HOST>
++failregex = Authentication failure for .* from <HOST>$
++            Failed [-/\w]+ for .* from <HOST>$
++            ROOT LOGIN REFUSED .* FROM <HOST>$
++            [iI](?:llegal|nvalid) user .* from <HOST>$
++            User .* from <HOST> not allowed because not listed in AllowUsers$
  
  # Option:  ignoreregex
  # Notes.:  regex to ignore. If this regex matches, the line is ignored.


Index: fail2ban.spec
===================================================================
RCS file: /cvs/extras/rpms/fail2ban/F-7/fail2ban.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- fail2ban.spec	3 Jun 2007 11:21:44 -0000	1.6
+++ fail2ban.spec	21 Jun 2007 13:32:04 -0000	1.7
@@ -4,7 +4,7 @@
 Summary: Ban IPs that make too many password failures
 Name: fail2ban
 Version: 0.8.0
-Release: 8%{?dist}
+Release: 9%{?dist}
 License: GPL
 Group: System Environment/Daemons
 URL: http://fail2ban.sourceforge.net/
@@ -76,6 +76,9 @@
 %config(noreplace) %{_sysconfdir}/logrotate.d/fail2ban
 
 %changelog
+* Thu Jun 21 2007 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.8.0-9
+- Fix remote log injection (no CVE assignment yet).
+
 * Sun Jun  3 2007 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.8.0-8
 - Also trigger on non-AllowUsers failures (Jonathan Underwood
   <jonathan.underwood at gmail.com>).


