lp:ubuntu/wily/fail2ban
- Get this branch:
- bzr branch lp:ubuntu/wily/fail2ban
Branch merges
Branch information
- Owner:
- Ubuntu branches
- Status:
- Development
Recent revisions
- 32. By Yaroslav Halchenko
-
* Fresh upstream release
* debian/control -- adjusted description to mention what Recommends
and Suggests are good for (Closes: #767114) - 31. By Yaroslav Halchenko
-
* Fresh release to celebrate jessie release and upload to unstable
* Moved python3-systemd to Recommends from Suggests given that systemd is
the default init system now. Should help people upgrading on Ubuntu 15.04
as well
* Added regular python to Recommends since apache-fakegooglebot still python2 - 30. By Yaroslav Halchenko
-
* To become fresh upstream release (Closes: #742976)
- 0.9 series is quite a big leap in development, especially since 0.8.6
which made it to previous Debian stable wheezy. Please consult upstream
ChangeLog about changes
* debian/control
- boost policy to 3.9.6 - 29. By Yaroslav Halchenko
-
* New upstream bug-fix release: but consider 0.9.0 (to be uploaded to
experimental)
* debian/jail:
- new jail definitions: apache-modsecurity, apache-nohome, freeswitch,
ejabberd-auth, ssh-blocklist, nagios
- new configuration option: ignorecommand
* debian/post{inst, rm},preinst:
- [thanks to Daniel Schaal]: take care about renaming config files
- firewall-cmd-direct- new.conf to firewallcmd- new.conf which happened
in 0.8.11-29-g56b6bf7
- lighttpd-fastcgi. conf to suhosin.conf and
sasl.conf to postfix-sasl.conf in the past 0.8.11 release - 28. By Yaroslav Halchenko
-
* Fresh upstream release
- this release tightens all shipped filters to preclude
possible injections leading to targetted DoS attacks.
- omitted entry for ~pre release changelog:
- asterisk filter was fixed (Closes: #719662),
- nginx filter/jail added (Closes: #668064)
- better detection of log rotation in polling backend (Closes: #696087)
- includes sever name (uname -n) into subject of sendmail actions
(Closes: #709196)
* debian/jail.conf
- dropbear jail: use dropbear filter (instead of ssh) and monitor
auth.log instead of non-existing /var/log/dropbear (Closes: #620760)
* debian/NEWS
- information for change of default iptables action to REJECT now
(Closes: #711463)
* debian/patches
- changeset_d4f6ca4f8531f33 2bcb7ce3a89102f 60afaaa08e. diff
post-release change to support native proftpd date format which
includes milliseconds (Closes: #648276)
- changeset_ac061155f093464 fb6cd2329d3d513 b15c68e256. diff
absorbed upstream - 27. By Yaroslav Halchenko
-
* Snapshot of the upcoming new release candidate
- improves dovecot (Closes: #709324), wuftpd (Closes: #665925)
failregex'es
- provides support for OpenSSH 6.3 (Closes: #722970)
* debian/watch
- restrict version matching only to numbers and period (to exclude
alpha releases of 0.9 series)
* debian/jail.conf
- slightly adjusted for changes in master (suhosin replaced
lighttpd-auth filer name, and postfix-sasl for sasl)
- added nginx-http-auth. More jails to be adopted from upsream. - 26. By Yaroslav Halchenko
-
* debian/jail.conf
- added "submission" (port 587) to all SMTP-related jails (Closes:
#714632). Thanks Tony den Haan for the report - 25. By Yaroslav Halchenko
-
* New upstream release
- addresses possible DoS for anyone enabling many of apache- filters - 24. By Yaroslav Halchenko
-
* New upstream release
- significant improvements in documentation (Closes: #400416)
- roundcube auth filter (Closes: #699442)
- enforces C locale for dates (Closes: #686341)
- provides bash_completion.d/fail2ban
* debian/jail.conf:
- added findtime and documentation on those basic options from jail.conf
(Closes: #704568)
- added new sample jails definitions for ssh-route, ssh-iptables-ipset{4, 6},
roundcube-auth, sogo-auth, mysqld-auth
* debian/control:
- suggest system-log-daemon (Closes: #691001)
- boost policy compliance to 3.9.4
* debian/rules:
- run fail2ban's unittests at build time but ignore the failures
(there are still some known issues to fix up to guarantee robust testing
in clean chroots etc).
Only pyinotify was added to build-depends since gamin might still be
buggy on older releases and get stuck, which would complicate
backporting - 23. By Yaroslav Halchenko
-
* CVE-2012-5642: Escape the content of <matches> since its value could
contain arbitrary symbols (Closes: #696184)
* Since package source format remained 1.0, manpages patch
(deb_manpages_ reportbug) was not applied -- fold it into .diff.gz
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/utopic/fail2ban