[SECURITY] Fedora 10 Update: fail2ban-0.8.3-18.fc10

updates at fedoraproject.org updates at fedoraproject.org
Sat Feb 14 22:15:22 UTC 2009


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1737
2009-02-14 21:22:31.622910
--------------------------------------------------------------------------------

Name        : fail2ban
Product     : Fedora 10
Version     : 0.8.3
Release     : 18.fc10
URL         : http://fail2ban.sourceforge.net/
Summary     : Ban IPs that make too many password failures
Description :
Fail2ban scans log files like /var/log/pwdfail or
/var/log/apache/error_log and bans IP that makes too many password
failures. It updates firewall rules to reject the IP address.

--------------------------------------------------------------------------------
Update Information:

This updates fixes CVE-2009-0362. See     http://cve.mitre.org/cgi-
bin/cvename.cgi?name=CVE-2009-0362    for further details.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Feb 14 2009 Axel Thimm <Axel.Thimm at ATrpms.net> - 0.8.3-18
- Fix CVE-2009-0362 (Fedora bugs #485461, #485464, #485465, #485466).
* Mon Dec  1 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm at gmail.com> - 0.8.3-17
- Rebuild for Python 2.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #485461 - CVE-2009-0362 fail2ban: remote DoS via crafted domain names
        https://bugzilla.redhat.com/show_bug.cgi?id=485461
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update fail2ban' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list