fail2ban/debian/patches/changeset_ac061155f093464fb...

From: Yaroslav Halchenko <debian@onerussian.com>
Subject: BF: anchor introduced nginx-http-auth at the end
  needed since request probably could be not a correct HTTP statement but
continue with all those to match till the end and then injected ", client:
VICTIM, server..." thus allowing injection.  We better anchor at the end then

--- a/config/filter.d/nginx-http-auth.conf
+++ b/config/filter.d/nginx-http-auth.conf
@@ -4,7 +4,7 @@
 [Definition]
 
 
-failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"
+failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
 
 ignoreregex =
added patch changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff to "cherry-pick" ac061155f093464fb6cd2329d3d513b15c68e256 (BF: anchor introduced nginx-http-auth at the end) 2013-11-09 01:30:35 +00:00			`From: Yaroslav Halchenko <debian@onerussian.com>`
			`Subject: BF: anchor introduced nginx-http-auth at the end`
			`needed since request probably could be not a correct HTTP statement but`
			`continue with all those to match till the end and then injected ", client:`
			`VICTIM, server..." thus allowing injection. We better anchor at the end then`

			`--- a/config/filter.d/nginx-http-auth.conf`
			`+++ b/config/filter.d/nginx-http-auth.conf`
			`@@ -4,7 +4,7 @@`
			`[Definition]`


			`-failregex = ^ \[error\] \d+#\d+: \\d+ user "\S+":? (password mismatch\|was not found in "."), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"`
			`+failregex = ^ \[error\] \d+#\d+: \\d+ user "\S+":? (password mismatch\|was not found in "."), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$`

			`ignoreregex =`