Package: denyhosts Version: 2.6-10+deb7u3 Severity: normal Hi all,
denyhosts has been removed from Debian for good reasons, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732712 These reasons were: 1. Unaddressed security issues 2. Dead upstream 3. Viable alternative (fail2ban) There is now a new, active, upstream for denyhosts at github: https://github.com/denyhosts/denyhosts The new upstream has applied many of the downstream patches from Debian and Fedora and has released version 2.7 to 2.10 until now. There are patches for CVEs in the git repo. In short, it looks quite active. denyhosts also does have a unique feature: it enables users to share their host lists, which allows me to pre-emptively blocks brute force attacks before they even reach me. This is an important feature for me. I think all of the original reasons for removing denyhosts from Debian have been invalidated by these developments. I'm looking into possibilities to revive the denyhosts package for stretch. I'll post an ITP shortly. Cheers Jan-Pascal -- System Information: Debian Release: 8.0 APT prefers stable APT policy: (990, 'stable'), (700, 'oldstable'), (200, 'unstable'), (10, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
