mirror of https://github.com/fail2ban/fail2ban
Revert the CVE-2021-32749 fix (Closes: #991449) Debian bookworm has the mailutils version with the proper fix
parent
418b01b68b
commit
13f3990373
|
@ -1,3 +1,10 @@
|
||||||
|
fail2ban (0.11.2-5) unstable; urgency=medium
|
||||||
|
|
||||||
|
* Revert the CVE-2021-32749 fix (Closes: #991449)
|
||||||
|
Debian bookworm has the mailutils version with the proper fix
|
||||||
|
|
||||||
|
-- Sylvestre Ledru <sylvestre@debian.org> Thu, 20 Jan 2022 23:21:44 +0100
|
||||||
|
|
||||||
fail2ban (0.11.2-4) unstable; urgency=medium
|
fail2ban (0.11.2-4) unstable; urgency=medium
|
||||||
|
|
||||||
* Cherry pick 5ac303df8a171f748330d4c645ccbf1c2c7f3497
|
* Cherry pick 5ac303df8a171f748330d4c645ccbf1c2c7f3497
|
||||||
|
|
|
@ -1,147 +0,0 @@
|
||||||
config/action.d/complain.conf | 2 +-
|
|
||||||
config/action.d/dshield.conf | 2 +-
|
|
||||||
config/action.d/mail-buffered.conf | 8 ++++----
|
|
||||||
config/action.d/mail-whois-lines.conf | 2 +-
|
|
||||||
config/action.d/mail-whois.conf | 6 +++---
|
|
||||||
config/action.d/mail.conf | 6 +++---
|
|
||||||
6 files changed, 13 insertions(+), 13 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/config/action.d/complain.conf b/config/action.d/complain.conf
|
|
||||||
index 3a5f882c..4d73b058 100644
|
|
||||||
--- a/config/action.d/complain.conf
|
|
||||||
+++ b/config/action.d/complain.conf
|
|
||||||
@@ -102,7 +102,7 @@ logpath = /dev/null
|
|
||||||
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
|
|
||||||
# Values: CMD
|
|
||||||
#
|
|
||||||
-mailcmd = mail -s
|
|
||||||
+mailcmd = mail -E 'set escape' -s
|
|
||||||
|
|
||||||
# Option: mailargs
|
|
||||||
# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
|
|
||||||
diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
|
|
||||||
index c128bef3..3d5a7a53 100644
|
|
||||||
--- a/config/action.d/dshield.conf
|
|
||||||
+++ b/config/action.d/dshield.conf
|
|
||||||
@@ -179,7 +179,7 @@ tcpflags =
|
|
||||||
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
|
|
||||||
# Values: CMD
|
|
||||||
#
|
|
||||||
-mailcmd = mail -s
|
|
||||||
+mailcmd = mail -E 'set escape' -s
|
|
||||||
|
|
||||||
# Option: mailargs
|
|
||||||
# Notes.: Additional arguments to mail command. e.g. for standard Unix mail:
|
|
||||||
diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
|
|
||||||
index 325f185b..79b84104 100644
|
|
||||||
--- a/config/action.d/mail-buffered.conf
|
|
||||||
+++ b/config/action.d/mail-buffered.conf
|
|
||||||
@@ -17,7 +17,7 @@ actionstart = printf %%b "Hi,\n
|
|
||||||
The jail <name> has been started successfully.\n
|
|
||||||
Output will be buffered until <lines> lines are available.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actionstop
|
|
||||||
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
|
|
||||||
@@ -28,13 +28,13 @@ actionstop = if [ -f <tmpfile> ]; then
|
|
||||||
These hosts have been banned by Fail2Ban.\n
|
|
||||||
`cat <tmpfile>`
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary from <fq-hostname>" <dest>
|
|
||||||
rm <tmpfile>
|
|
||||||
fi
|
|
||||||
printf %%b "Hi,\n
|
|
||||||
The jail <name> has been stopped.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actioncheck
|
|
||||||
# Notes.: command executed once before each actionban command
|
|
||||||
@@ -55,7 +55,7 @@ actionban = printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>
|
|
||||||
These hosts have been banned by Fail2Ban.\n
|
|
||||||
`cat <tmpfile>`
|
|
||||||
\nRegards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: Summary" <dest>
|
|
||||||
rm <tmpfile>
|
|
||||||
fi
|
|
||||||
|
|
||||||
diff --git a/config/action.d/mail-whois-lines.conf b/config/action.d/mail-whois-lines.conf
|
|
||||||
index 3a3e56b2..d2818cb9 100644
|
|
||||||
--- a/config/action.d/mail-whois-lines.conf
|
|
||||||
+++ b/config/action.d/mail-whois-lines.conf
|
|
||||||
@@ -72,7 +72,7 @@ actionunban =
|
|
||||||
# Notes.: Your system mail command. Is passed 2 args: subject and recipient
|
|
||||||
# Values: CMD
|
|
||||||
#
|
|
||||||
-mailcmd = mail -s
|
|
||||||
+mailcmd = mail -E 'set escape' -s
|
|
||||||
|
|
||||||
# Default name of the chain
|
|
||||||
#
|
|
||||||
diff --git a/config/action.d/mail-whois.conf b/config/action.d/mail-whois.conf
|
|
||||||
index 7fea34c4..ab33b616 100644
|
|
||||||
--- a/config/action.d/mail-whois.conf
|
|
||||||
+++ b/config/action.d/mail-whois.conf
|
|
||||||
@@ -20,7 +20,7 @@ norestored = 1
|
|
||||||
actionstart = printf %%b "Hi,\n
|
|
||||||
The jail <name> has been started successfully.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actionstop
|
|
||||||
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
|
|
||||||
@@ -29,7 +29,7 @@ actionstart = printf %%b "Hi,\n
|
|
||||||
actionstop = printf %%b "Hi,\n
|
|
||||||
The jail <name> has been stopped.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actioncheck
|
|
||||||
# Notes.: command executed once before each actionban command
|
|
||||||
@@ -49,7 +49,7 @@ actionban = printf %%b "Hi,\n
|
|
||||||
Here is more information about <ip> :\n
|
|
||||||
`%(_whois_command)s`\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actionunban
|
|
||||||
# Notes.: command executed when unbanning an IP. Take care that the
|
|
||||||
diff --git a/config/action.d/mail.conf b/config/action.d/mail.conf
|
|
||||||
index 5d8c0e15..f4838ddc 100644
|
|
||||||
--- a/config/action.d/mail.conf
|
|
||||||
+++ b/config/action.d/mail.conf
|
|
||||||
@@ -16,7 +16,7 @@ norestored = 1
|
|
||||||
actionstart = printf %%b "Hi,\n
|
|
||||||
The jail <name> has been started successfully.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: started on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actionstop
|
|
||||||
# Notes.: command executed at the stop of jail (or at the end of Fail2Ban)
|
|
||||||
@@ -25,7 +25,7 @@ actionstart = printf %%b "Hi,\n
|
|
||||||
actionstop = printf %%b "Hi,\n
|
|
||||||
The jail <name> has been stopped.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: stopped on <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actioncheck
|
|
||||||
# Notes.: command executed once before each actionban command
|
|
||||||
@@ -43,7 +43,7 @@ actionban = printf %%b "Hi,\n
|
|
||||||
The IP <ip> has just been banned by Fail2Ban after
|
|
||||||
<failures> attempts against <name>.\n
|
|
||||||
Regards,\n
|
|
||||||
- Fail2Ban"|mail -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
|
|
||||||
+ Fail2Ban"|mail -E 'set escape' -s "[Fail2Ban] <name>: banned <ip> from <fq-hostname>" <dest>
|
|
||||||
|
|
||||||
# Option: actionunban
|
|
||||||
# Notes.: command executed when unbanning an IP. Take care that the
|
|
|
@ -6,7 +6,6 @@ deb_no_iptables_service
|
||||||
python3-test-suite.diff
|
python3-test-suite.diff
|
||||||
no-python-user.diff
|
no-python-user.diff
|
||||||
roundcube.diff
|
roundcube.diff
|
||||||
fix-mail.patch
|
|
||||||
debian_roundcube.diff
|
debian_roundcube.diff
|
||||||
systemd-run.diff
|
systemd-run.diff
|
||||||
scanlogd.patch
|
scanlogd.patch
|
||||||
|
|
Loading…
Reference in New Issue