-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Package : fail2ban Version : 0.8.4-3+squeeze3 CVE ID : CVE-2013-7176 CVE-2013-7177
* Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch (as of 0.8.13-29-g09b2016): - CVE-2013-7176: postfix.conf - anchored on the front, expects "postfix/smtpd" prefix in the log line - CVE-2013-7177: cyrus-imap.conf - anchored on the front, and refactored to have a single failregex - couriersmtp.conf - anchored on both sides - exim.conf - front-anchored versions picked up from exim.conf and exim-spam.conf - lighttpd-fastcgi.conf - front-anchored picked up from suhosin.conf (copied from the Wheezy version) * Catch also failed logins via secured (imaps/pop3s) for cyrus-imap. Regression was introduced while strengthening failregex in 0.8.11 (bd175f) Debian bug #755173 * cyrus-imap: catch "user not found" attempts -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFT04SU02K2KlS5mJARAuvKAJ49sMZOvLjzHgf3IeQDRYq9XDjDogCghxvE VxmpRmEQ5Mvok7od+knaeQU= =qZCO -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-lts-announce-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/pine.lnx.4.64.1407261223390.13...@tor.gallien.in-chemnitz.de