Your message dated Thu, 06 Jul 2006 03:32:12 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#376462: fixed in logcheck 1.2.45
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: logcheck-database
Version: 1.2.44
Severity: wishlist
Tags: patch
Rationale: unless you're paranoid, you don't really care about
people banging your SSH port and trying random user names.
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: I(llegal|nvalid)
user [-[:alnum:]]+ from (::ffff:)?[.[:digit:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\)
check pass; user unknown$
--
Please do not send copies of list mail to me; I read the list!
.''`. martin f. krafft <[EMAIL PROTECTED]>
: :' : proud Debian developer and author: http://debiansystem.info
`. `'`
`- Debian - when you have better things to do than fixing a system
signature.asc
Description: Digital signature (GPG/PGP)
--- End Message ---
--- Begin Message ---
Source: logcheck
Source-Version: 1.2.45
We believe that the bug you reported is fixed in the latest version of
logcheck, which is due to be installed in the Debian FTP archive:
logcheck-database_1.2.45_all.deb
to pool/main/l/logcheck/logcheck-database_1.2.45_all.deb
logcheck_1.2.45.dsc
to pool/main/l/logcheck/logcheck_1.2.45.dsc
logcheck_1.2.45.tar.gz
to pool/main/l/logcheck/logcheck_1.2.45.tar.gz
logcheck_1.2.45_all.deb
to pool/main/l/logcheck/logcheck_1.2.45_all.deb
logtail_1.2.45_all.deb
to pool/main/l/logcheck/logtail_1.2.45_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Todd Troxell <[EMAIL PROTECTED]> (supplier of updated logcheck package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 6 Jul 2006 06:13:19 -0500
Source: logcheck
Binary: logcheck logtail logcheck-database
Architecture: source all
Version: 1.2.45
Distribution: unstable
Urgency: low
Maintainer: Debian logcheck Team <[email protected]>
Changed-By: Todd Troxell <[EMAIL PROTECTED]>
Description:
logcheck - mails anomalies in the system logfiles to the administrator
logcheck-database - database of system log rules for the use of log checkers
logtail - Print log file lines that have not been read
Closes: 354820 355085 356681 360120 365565 366364 367781 368313 368318 368652
368878 368900 369263 369294 369487 369497 369603 372541 376461 376462 376464
376469 376472 376474 376489 376739 376968
Changes:
logcheck (1.2.45) unstable; urgency=low
.
[ Todd Troxell ]
* Increment version
.
[ Jamie Penman-Smithson ]
* ignore.d.server/smartd: Add rule to match normal temperature changes.
* violations.ignore.d/logcheck-sudo: Ignore invocation of sudoedit too.
Thanks to Jan Braun <[EMAIL PROTECTED]>. (Closes: #360120)
* ignore.d.server/dhcp: Match new DHCP log format with IPv6 addresses.
(Closes: #369603)
* violations.ignore.d/logcheck-ssh: Match new log format in openssh
4.3. (Closes: #369497)
* ignore.d.server/oidentd: Match IPv6 addresses too. Thanks to
Elmar Hoffmann <[EMAIL PROTECTED]> for the patch. (Closes: #369294)
* ignore.d.server/oidentd: Remove superfluous rule for connections from
localhost.
* ignore.d.server/pdns: Ignore 'Refreshed n records' messages.
(Closes: #369263)
* ignore.d.server/smartd: Minor change to rule for "Temperature changed"
messages.
* ignore.d.server/xinetd: Add the first rules for xinetd.
* ignore.d.server/smartd: Merge two rules for self-test messages into one.
(Closes: #368878)
* ignore.d.server/saslauthd: Add rule to suppress 'client step' messages.
(Closes: #368652)
* violations.ignore.d/logcheck-postfix: Update rules for postgrey.
(Closes: #368318)
* violations.ignore.d/logcheck-postfix: Add rule to suppress smtpd '554
Access denied' messages. (Closes: #368313)
* ignore.d.server/postfix: Fix rule to really match 'read timeout' messages.
(Closes: #367781)
* ignore.d.server/spamd: Merge in rules from the spamassassin package.
(Closes: #366364)
* Minor changes to usage summary and explanation of FQDN option.
(Closes: #365565)
* ignore.d.server/dkfilter: Minor fix to rules for dkfilter.out.
Match 'wrong sender domain' messages from dkfilter.out.
* ignore.d.workstation/anacron: Move to ignore.d.server. (Closes: #368900)
.
[ maximilian attems ]
* ignore.d.server/dovecot: Add rule for aborted logins.
* ignore.d.workstation/kdm: Ignore kdm-greeter logline.
* ignore.d.server/nagios: Improve existing rules, add newer for service
flapping and ping logging.
* ignore.d.server/sympa: Add impressive ruleset on common ml operations.
* ignore.d.server/stunnel: New rules.
* ignore.d.server/squid: Add 2 rules for cachemgr.
* ignore.d.server/rsync: Add 2 rules for common rsyncd failures.
* ignore.d.server/rsnapshot: Add 2 rules for casual rsnapshort warnings.
* ignore.d.server/proftpd: Add 3 rules about usual ftpd operations.
* ignore.d.server/ntp: Ignore to many recvbufs.
Thanks to all the above rules to Peter Palfrader <[EMAIL PROTECTED]>.
* ignore.d.workstation/kernel: Add rules to reduce noise on swsusp.
* debian/logcheck.postinst: Remove old check against woody version
removing /var/cache/logcheck.
* debian/logcheck-database.preinst, debian/logcheck-database.postinst:
Remove checks against old woody symlinkfarm.
* debian/logtail.preinst: Remove old dpkg-divert handling.
* debian/control: Remove useless versioned depends on debianutils and
po-debconf. Versions are satisfied on Sarge.
* debian/control: Conform to policy 3.7.2 without changes.
* ignore.d.server/dhcp: Properly escape dots.
.
[ Gerfried Fuchs ]
* debian/control: move debhelper dependency to Build-Depends due to policy
requirements.
.
[ martin f. krafft ]
* ignore.d.server/cron: added rules to ignore begin/end of crontab
edits (closes: #356681).
* ignore.d.server/cron: added crontab-specific lines from
ignore.d.workstation/cron (and removed them there).
* ignore.d.*/cron-apt: moved cron-apt rules from workstation to server.
* ignore.d.server/dhclient: even 3.0 sleeps when no lease in persistent
database.
* ignore.d.workstation/dovecot: Added/updated dovecot 1.0 rules.
* ignore.d.server/kernel: added rules to ignore martian, ll header, and
icmpv6_send warnings.
* ignore.d.server/pdns: added many rules for standard pdns operational
messages.
* violations.ignore.d/logcheck-pdns: ignore denied AXFR requests.
* ignore.d.server/postfix: ignoring cleanup header_checks REPLACE messages
(closes: #376489).
* ignore.d.server/postfix: extending rule for "too many errors" to cover all
SMTP commands (closes: #376472).
* ignore.d.server/postfix: ignoring dNSNames complaints (closes: #376469,
and parts of 369487).
* ignore.d.server/postfix: ignoring bounce message about sender non-delivery
notification.
* violations.ignore.d/logcheck-postfix: ignore invalid SASL logins, PAM
will complain with more details (closes: #369487).
* violations.ignore.d/logcheck-postfix: ignore HELO access check rejections
(closes: #376968).
* ignore.d.[ws]*/ppp: adding/updating rules to ignore informational
messages.
* ignore.d.server/proftpd: adding ANON command to successful login rule and
noticing that the other rule of the bug has already been fixed
(closes: #372541).
* ignore.d.server/proftpd: ignoring logins with unknown users.
* ignore.d.workstation/proftpd: ignore reaching maximum number of login
attempts.
* ignore.d.server/smartd: don't be so selective about temperature filtering
(closes: #355085).
* ignore.d.server/smartd, violations.ignore.d/logcheck-smartd: ignore usage
and prefailure attribute changes given that smartd will send separate mail
when things go bad anyway.
* ignore.d.server/spamd: fixing several of the spamd rules wrt email
addresses, and added new rules for newer spamd versions.
* ignore.d.[ws]*/squid: moved messages about server stop/start/reconfigure
to workstation, and those about unchanged cache dir sizes to server.
* ignore.d.*/squid: folded in some filters for operational messages and
updated squidGuard spawn message to include all eventHelper messages.
* ignore.d.server/ssh: ignore messages about missing shadow information
for NOUSER (when there was a NULL user passed in the SSH protocol).
* ignore.d.server/ssh: make sure that we never get bothered by scans again
(closes: #376461, #354820, #376474).
* ignore.d.server/ssh: ignore SSH disconnects (closes: #376464).
* ignore.d.server/ssh, violations.ignore.d/logcheck-ssh: ignore login
attempts for nonexistent accounts (closes: #376462).
* src/logcheck: if called as root, now echoes the options back to the user
for easier cut-n-paste.
* debian/control: recommend logcheck-database instead of depending on it
(closes: #376739).
Files:
68967d1c79fbf62d1ad07acd29c0036a 729 admin optional logcheck_1.2.45.dsc
022e4a3ba534bf24b76b078c33d11ce7 115238 admin optional logcheck_1.2.45.tar.gz
6b51112034c527f3346d1e55321fd266 54076 admin optional logcheck_1.2.45_all.deb
7625dea1c0e8c56e7c01ade570e0afba 74578 admin optional
logcheck-database_1.2.45_all.deb
cb926d143140871685119e3b3be1dea0 34620 admin optional logtail_1.2.45_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFErOM64u3oQ3FHP2YRAvhRAJ4loODphW71jqtBTW8mnP6+LXv8xgCgh1VC
L3p0re0D94Vpb98qGcZvrzk=
=4ZL5
-----END PGP SIGNATURE-----
--- End Message ---
