Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2013-01-22 Thread Aron Xu
On Sat, Jan 19, 2013 at 5:42 PM, Aron Xu a...@debian.org wrote: On Fri, Jan 18, 2013 at 4:24 AM, Yaroslav Halchenko y...@debian.org wrote: squeeze backports -- would like to get fresh version from wheezy (hm http://packages.debian.org/squeeze-backports/fail2ban doesn't even list

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2013-01-19 Thread Aron Xu
On Fri, Jan 18, 2013 at 4:24 AM, Yaroslav Halchenko y...@debian.org wrote: squeeze backports -- would like to get fresh version from wheezy (hm http://packages.debian.org/squeeze-backports/fail2ban doesn't even list the corresponding changelog, so I can't deduce the maintainer of the bpo build easily...

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2013-01-19 Thread Jonathan Wiltshire
On Thu, Jan 17, 2013 at 03:24:05PM -0500, Yaroslav Halchenko wrote: On Thu, 17 Jan 2013, Jonathan Wiltshire wrote: Package: fail2ban Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2013-01-17 Thread Jonathan Wiltshire
Package: fail2ban Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the following suites through point releases: squeeze (6.0.7)

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2013-01-17 Thread Yaroslav Halchenko
On Thu, 17 Jan 2013, Jonathan Wiltshire wrote: Package: fail2ban Dear maintainer, Recently you fixed one or more security problems and as a result you closed this bug. These problems were not serious enough for a Debian Security Advisory, so they are now on my radar for fixing in the

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2012-12-24 Thread Moritz Mühlenhoff
On Mon, Dec 17, 2012 at 01:16:27PM -0500, Yaroslav Halchenko wrote: Thank you my consciousness ;) Just a note: this issue is very unlikely to hit anyone since matches is not used by default in any shipped action file and it was only recently introduced so I doubt it was adopted by more

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2012-12-24 Thread Yaroslav Halchenko
For better or worse -- uploaded 0.8.6-3wheezy1 now. I will let it boil for a few days to see if nothing got screwed up, and then will request unblock. Cheers, On Mon, 24 Dec 2012, Moritz Mühlenhoff wrote: But indeed -- wheezy should get a patched version. Meanwhile -- anyone in need to run

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2012-12-17 Thread Henri Salo
Package: fail2ban Version: 0.8.6-3 Severity: important Information from CVE request: http://www.openwall.com/lists/oss-security/2012/12/17/1 The release notes for fail2ban 0.8.8 indicate: * [83109bc] IMPORTANT: escape the content of matches (if used in custom action files) since its

Bug#696184: fail2ban: CVE-2012-5642: input variable quoting flaw on matches content

2012-12-17 Thread Yaroslav Halchenko
Thank you my consciousness ;) Just a note: this issue is very unlikely to hit anyone since matches is not used by default in any shipped action file and it was only recently introduced, so I doubt it was adopted by more than a handful of deployments. But indeed -- wheezy should get a patched