Hello community, here is the log from the commit of package sshguard for openSUSE:Factory checked in at 2016-02-22 08:58:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sshguard (Old) and /work/SRC/openSUSE:Factory/.sshguard.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sshguard" Changes: -------- --- /work/SRC/openSUSE:Factory/sshguard/sshguard.changes 2016-01-12 16:13:42.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.sshguard.new/sshguard.changes 2016-02-22 08:58:17.000000000 +0100 @@ -1,0 +2,22 @@ +Fri Feb 19 13:18:55 UTC 2016 - joop.boo...@opensuse.org + +- Added a corrected attack treshold value (40 default) + +------------------------------------------------------------------- +Thu Feb 18 10:07:08 UTC 2016 - eshmar...@suse.com + +- Build version 1.6.3 + - Disable blacklisting by default + - Implement logging as wrappers around syslog(2) + - Improve log and error messages + - Match sendmail authentication failures + - Remove PID file option + - Remove SIGTSTP and SIGCONT handler + - Remove reverse mapping attack signature + - Remove safe_fgets() and exit on interrupt + - Terminate state entries for hosts blocked with pf + - Update and shorten command-line usage + - Use 'configure' to set feature-test macros +- Updated patch file for new version of sshguard + +------------------------------------------------------------------- Old: ---- sshguard-1.6.2.tar.xz New: ---- sshguard-1.6.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sshguard.spec ++++++ --- /var/tmp/diff_new_pack.DyQDSQ/_old 2016-02-22 08:58:18.000000000 +0100 +++ /var/tmp/diff_new_pack.DyQDSQ/_new 2016-02-22 08:58:18.000000000 +0100 @@ -17,23 +17,19 @@ Name: sshguard -Version: 1.6.2 +Version: 1.6.3 Release: 0 Summary: Protect hosts from brute force attacks against ssh License: ISC Group: Productivity/Networking/Security Url: http://www.sshguard.net -Source0: http://sourceforge.net/projects/%{name}/files/%{name}/%{version}/%{name}-%{version}.tar.xz +Source0: http://sourceforge.net/projects/%{name}/files/%{name}/%{version}/%{name}-%{version}.tar.gz Source1: sshguard.sysconfig Source2: sshguard.service Source3: sshguard.init Source4: sshguard.whitelist -# PATCH-FEATURE-UPSTREAM sshguard-gcc5.patch +# PATCH-FIX-UPSTREAM sshguard-gcc5.patch Patch0: sshguard-gcc5.patch -%if 0%{?suse_version} < 1210 -BuildRequires: xz -%endif -Requires: iptables Requires: openssh BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(pre): %fillup_prereq @@ -105,7 +101,7 @@ %files %defattr(-,root,root,-) -%doc ChangeLog README.rst COPYING examples/ scripts/ +%doc ChangeLog README.rst COPYING examples/ %{_sbindir}/* %doc %{_mandir}/man8/%{name}* %{_localstatedir}/adm/fillup-templates/sysconfig.sshguard ++++++ sshguard-gcc5.patch ++++++ --- /var/tmp/diff_new_pack.DyQDSQ/_old 2016-02-22 08:58:18.000000000 +0100 +++ /var/tmp/diff_new_pack.DyQDSQ/_new 2016-02-22 08:58:18.000000000 +0100 @@ -1,11 +1,11 @@ -diff -Naurr sshguard-1.6.1.orig/src/sshguard_whitelist.c sshguard-1.6.1/src/sshguard_whitelist.c ---- sshguard-1.6.1.orig/src/sshguard_whitelist.c 2015-07-20 08:21:03.000000000 +0200 -+++ sshguard-1.6.1/src/sshguard_whitelist.c 2015-09-28 15:11:57.547729763 +0200 -@@ -19,6 +19,7 @@ +diff -ru sshguard-1.6.3.orig/src/sshguard_whitelist.c sshguard-1.6.3/src/sshguard_whitelist.c +--- sshguard-1.6.3.orig/src/sshguard_whitelist.c 2016-02-18 10:54:51.752229898 +0100 ++++ sshguard-1.6.3/src/sshguard_whitelist.c 2016-02-18 11:00:02.760786847 +0100 +@@ -18,6 +18,7 @@ + * SSHGuard. See http://www.sshguard.net */ - +#define _GNU_SOURCE - #include <stdio.h> - #include <string.h> - #include <stdlib.h> + #include <arpa/inet.h> + #include <assert.h> + #include <netdb.h> ++++++ sshguard.service ++++++ --- /var/tmp/diff_new_pack.DyQDSQ/_old 2016-02-22 08:58:18.000000000 +0100 +++ /var/tmp/diff_new_pack.DyQDSQ/_new 2016-02-22 08:58:18.000000000 +0100 @@ -8,7 +8,7 @@ ExecStartPre=/usr/sbin/ip6tables -N sshguard ExecStartPre=/usr/sbin/iptables -I INPUT 1 -p tcp --dport $PORTS -j sshguard ExecStartPre=/usr/sbin/ip6tables -I INPUT 1 -p tcp --dport $PORTS -j sshguard -ExecStart=/usr/sbin/sshguard -a $ATTACK_ATTEMPTS -p $RELEASE_TIMEOUT -s $FORGET_TIMEOUT -w $WHITELIST -b $BLACKLIST -l $MONITORED_LOGS +ExecStart=/usr/sbin/sshguard -a $ATTACK_TRESHOLD -p $RELEASE_TIMEOUT -s $FORGET_TIMEOUT -w $WHITELIST -b $BLACKLIST -l $MONITORED_LOGS ExecReload=/bin/kill -HUP $MAINPID ExecStopPost=/usr/sbin/iptables -F sshguard ExecStopPost=/usr/sbin/ip6tables -F sshguard ++++++ sshguard.sysconfig ++++++ --- /var/tmp/diff_new_pack.DyQDSQ/_old 2016-02-22 08:58:18.000000000 +0100 +++ /var/tmp/diff_new_pack.DyQDSQ/_new 2016-02-22 08:58:18.000000000 +0100 @@ -15,9 +15,9 @@ PORTS="22" ## Type: integer -## Default: 4 -# Number of attacks before IP gets blocked -ATTACK_ATTEMPTS="4" +## Default: 40 +# Attack threshold before IP gets blocked, one attempt is 10 +ATTACK_TRESHOLD="40" ## Type: integer ## Default: 420