Ubuntu
fail2ban package

lp:ubuntu/vivid-proposed/fail2ban

  1. Vivid (15.04)
  2. vivid-proposed
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/vivid-proposed/fail2ban
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

30. By Yaroslav Halchenko

* To become fresh upstream release (Closes: #742976)
  - 0.9 series is quite a big leap in development, especially since 0.8.6
    which made it to previous Debian stable wheezy. Please consult upstream
    ChangeLog about changes
* debian/control
  - boost policy to 3.9.6

29. By Yaroslav Halchenko

* New upstream bug-fix release: but consider 0.9.0 (to be uploaded to
  experimental)
* debian/jail:
  - new jail definitions: apache-modsecurity, apache-nohome, freeswitch,
    ejabberd-auth, ssh-blocklist, nagios
  - new configuration option: ignorecommand
* debian/post{inst,rm},preinst:
  - [thanks to Daniel Schaal]: take care about renaming config files
    - firewall-cmd-direct-new.conf to firewallcmd-new.conf which happened
      in 0.8.11-29-g56b6bf7
    - lighttpd-fastcgi.conf to suhosin.conf and
      sasl.conf to postfix-sasl.conf in the past 0.8.11 release

28. By Yaroslav Halchenko

* Fresh upstream release
  - this release tightens all shipped filters to preclude
    possible injections leading to targetted DoS attacks.
  - omitted entry for ~pre release changelog:
    - asterisk filter was fixed (Closes: #719662),
    - nginx filter/jail added (Closes: #668064)
    - better detection of log rotation in polling backend (Closes: #696087)
    - includes sever name (uname -n) into subject of sendmail actions
      (Closes: #709196)
* debian/jail.conf
  - dropbear jail: use dropbear filter (instead of ssh) and monitor
    auth.log instead of non-existing /var/log/dropbear (Closes: #620760)
* debian/NEWS
  - information for change of default iptables action to REJECT now
    (Closes: #711463)
* debian/patches
  - changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff
    post-release change to support native proftpd date format which
    includes milliseconds (Closes: #648276)
  - changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff
    absorbed upstream

27. By Yaroslav Halchenko

* Snapshot of the upcoming new release candidate
  - improves dovecot (Closes: #709324), wuftpd (Closes: #665925)
    failregex'es
  - provides support for OpenSSH 6.3 (Closes: #722970)
* debian/watch
  - restrict version matching only to numbers and period (to exclude
    alpha releases of 0.9 series)
* debian/jail.conf
  - slightly adjusted for changes in master (suhosin replaced
    lighttpd-auth filer name, and postfix-sasl for sasl)
  - added nginx-http-auth. More jails to be adopted from upsream.

26. By Yaroslav Halchenko

* debian/jail.conf
  - added "submission" (port 587) to all SMTP-related jails (Closes:
    #714632). Thanks Tony den Haan for the report

25. By Yaroslav Halchenko

* New upstream release
  - addresses possible DoS for anyone enabling many of apache- filters

24. By Yaroslav Halchenko

* New upstream release
  - significant improvements in documentation (Closes: #400416)
  - roundcube auth filter (Closes: #699442)
  - enforces C locale for dates (Closes: #686341)
  - provides bash_completion.d/fail2ban
* debian/jail.conf:
  - added findtime and documentation on those basic options from jail.conf
    (Closes: #704568)
  - added new sample jails definitions for ssh-route, ssh-iptables-ipset{4,6},
    roundcube-auth, sogo-auth, mysqld-auth
* debian/control:
  - suggest system-log-daemon (Closes: #691001)
  - boost policy compliance to 3.9.4
* debian/rules:
  - run fail2ban's unittests at build time but ignore the failures
    (there are still some known issues to fix up to guarantee robust testing
    in clean chroots etc).
    Only pyinotify was added to build-depends since gamin might still be
    buggy on older releases and get stuck, which would complicate
    backporting

23. By Yaroslav Halchenko

* CVE-2012-5642: Escape the content of <matches> since its value could
  contain arbitrary symbols (Closes: #696184)
* Since package source format remained 1.0, manpages patch
  (deb_manpages_reportbug) was not applied -- fold it into .diff.gz

22. By Yaroslav Halchenko

* Added dovecot section to Debian's jail.conf. Thanks to Laurent
  Léonard (Closes: #655182)
* init.d script now returns non-0 exit codes upon status command
  with not running / failed to connect server. Thanks to
  Glenn Aaldering for the patch

21. By Yaroslav Halchenko

* Added pure-ftpd section to Debian's jail.conf. Thanks to Laurent
  Léonard (Closes: #654412)
* Enhancement: action to use /proc/net/xt_recent and run f2b as a normal
  user. Many many thanks to Zbyszek Szmek (Closes: #602016)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/vivid/fail2ban
This branch contains Public information 
Everyone can see this information.

Subscribers