Author: Yaroslav Halchenko
Revision Date: 2015-07-31 21:34:10 UTC

* Fresh upstream release
* debian/control -- adjusted description to mention what Recommends
  and Suggests are good for (Closes: #767114)

Author: Yaroslav Halchenko
Revision Date: 2015-07-31 21:34:10 UTC

* Fresh upstream release
* debian/control -- adjusted description to mention what Recommends
  and Suggests are good for (Closes: #767114)

Author: Yaroslav Halchenko
Revision Date: 2014-12-30 18:32:16 UTC

[ Christoph Anton Mitterer ]
* Do not install the following configuration files which are not used within
  the Debian package of fail2ban:
  /etc/fail2ban/paths-fedora.conf
  /etc/fail2ban/paths-freebsd.conf
  /etc/fail2ban/paths-osx.conf
  Closes: #767123

[ Yaroslav Halchenko ]
* New upstream snapshot from 0.9.1-44-gd65c4f8
  - carries a lot of fixes and improvements. Consult upstream ChangeLog
  - debian's init file is now maintained in upstream codebase (for manual
    deployments)
  - provides monit (now Suggest'ed) file which is now gets installed
    but not enabled by default: ln -s /etc/monit/{monitrc,conf}.d/fail2ban
    to assure that fail2ban process is running

Author: Yaroslav Halchenko
Revision Date: 2014-06-22 11:56:54 UTC

* Use anchored failregex for filters to avoid possible DoS. Manually
  picked up from the current status of 0.8 branch (as of
  0.8.13-29-g09b2016):
  - CVE-2013-7176: postfix.conf - anchored on the front, expects
    "postfix/smtpd" prefix in the log line
  - CVE-2013-7177: cyrus-imap.conf - anchored on the front, and
    refactored to have a single failregex
  - couriersmtp.conf - anchored on both sides
  - exim.conf - front-anchored versions picked up from exim.conf
    and exim-spam.conf
  - lighttpd-fastcgi.conf - front-anchored picked up from suhosin.conf

Author: Yaroslav Halchenko
Revision Date: 2014-03-18 23:13:35 UTC

* New upstream bug-fix release: but consider 0.9.0 (to be uploaded to
  experimental)
* debian/jail:
  - new jail definitions: apache-modsecurity, apache-nohome, freeswitch,
    ejabberd-auth, ssh-blocklist, nagios
  - new configuration option: ignorecommand
* debian/post{inst,rm},preinst:
  - [thanks to Daniel Schaal]: take care about renaming config files
    - firewall-cmd-direct-new.conf to firewallcmd-new.conf which happened
      in 0.8.11-29-g56b6bf7
    - lighttpd-fastcgi.conf to suhosin.conf and
      sasl.conf to postfix-sasl.conf in the past 0.8.11 release

Author: Yaroslav Halchenko
Revision Date: 2013-06-12 14:27:07 UTC

Anchor apache- filters failregexes to avoid possible DoS on servers
which enabled corresponding jails. Fix cherry-picked from upstream
0.8.9-29-g6ccd578 . See http://seclists.org/fulldisclosure/2013/Jun/66

Author: Yaroslav Halchenko
Revision Date: 2009-02-05 10:23:12 UTC

* NF: adding unittests for previous commit
* BF: anchoring regex for IP with " *$" at the end + adjust regexp for
  <HOST> (closes: #514163)