ver. 0.9.5 (2016/07/15) - old-not-obsolete

-----------
 
 0.9.x line is no longer heavily developed.  If you are interested in
 new features (e.g. IPv6 support), please consider 0.10 branch and its
 releases.
 
 * `filter.d/monit.conf`
     - Extended failregex with new monit "access denied" version (gh-1355)
     - failregex of previous monit version merged as single expression
 * `filter.d/postfix.conf`, `filter.d/postfix-sasl.conf`
     - Extended failregex daemon part, matching also `postfix/smtps/smtpd`
       now (gh-1391)
 * Fixed a grave bug within tags substitutions because of incorrect
   detection of recursion in case of multiple inline substitutions
   of the same tag (affected actions: `bsd-ipfw`, etc).  Now tracks
   the actual list of the already substituted tags (per tag instead
   of single list)
 * `filter.d/common.conf`
     - Unexpected extra regex-space in generic `__prefix_line` (gh-1405)
     - All optional spaces normalized in `common.conf`, test covered now
     - Generic `__prefix_line` extended with optional brackets for the
      date ambit (gh-1421), added new parameter `__date_ambit`
 * `gentoo-initd` fixed `--pidfile` bug: `--pidfile` is option of
   `start-stop-daemon`, not argument of fail2ban (see gh-1434)
 * `filter.d/asterisk.conf`
     - Fixed security log support for PJSIP and Asterisk 13+ (gh-1456)
     - Improved log support for PJSIP and Asterisk 13+ with different
       callID (gh-1458)
 
 * New Actions:
     - `action.d/firewallcmd-rich-rules` and `action.d/firewallcmd-rich-logging`
         (gh-1367)
 * New filters:
     - slapd - ban hosts, that were failed to connect with invalid
         credentials: error code 49 (gh-1478)
 
 * Extreme speedup of all sqlite database operations (gh-1436),
   by using of following sqlite options:
     - (synchronous = OFF) write data through OS without syncing
     - (journal_mode = MEMORY) use memory for the transaction logging
     - (temp_store = MEMORY) temporary tables and indices are kept in memory
 * journald journalmatch for pure-ftpd (gh-1362)
 * Added additional regex filter for dovecot ldap authentication failures (gh-1370)
 * `filter.d/exim*conf`
     - Added additional regexes (gh-1371)
     - Made port entry optional
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iEYEABECAAYFAleISZsACgkQjRFFY3XAJMhSwwCeKPqhZSkU3X/R5IVTzpYPst6h
 SLkAnjhgAVCTlzfI74qpKISTEqIH2GBS
 =2+rF
 -----END PGP SIGNATURE-----

Merge tag '0.9.5' into debian

ver. 0.9.5 (2016/07/15) - old-not-obsolete
-----------

0.9.x line is no longer heavily developed.  If you are interested in
new features (e.g. IPv6 support), please consider 0.10 branch and its
releases.

* `filter.d/monit.conf`
    - Extended failregex with new monit "access denied" version (gh-1355)
    - failregex of previous monit version merged as single expression
* `filter.d/postfix.conf`, `filter.d/postfix-sasl.conf`
    - Extended failregex daemon part, matching also `postfix/smtps/smtpd`
      now (gh-1391)
* Fixed a grave bug within tags substitutions because of incorrect
  detection of recursion in case of multiple inline substitutions
  of the same tag (affected actions: `bsd-ipfw`, etc).  Now tracks
  the actual list of the already substituted tags (per tag instead
  of single list)
* `filter.d/common.conf`
    - Unexpected extra regex-space in generic `__prefix_line` (gh-1405)
    - All optional spaces normalized in `common.conf`, test covered now
    - Generic `__prefix_line` extended with optional brackets for the
     date ambit (gh-1421), added new parameter `__date_ambit`
* `gentoo-initd` fixed `--pidfile` bug: `--pidfile` is option of
  `start-stop-daemon`, not argument of fail2ban (see gh-1434)
* `filter.d/asterisk.conf`
    - Fixed security log support for PJSIP and Asterisk 13+ (gh-1456)
    - Improved log support for PJSIP and Asterisk 13+ with different
      callID (gh-1458)

* New Actions:
    - `action.d/firewallcmd-rich-rules` and `action.d/firewallcmd-rich-logging`
        (gh-1367)
* New filters:
    - slapd - ban hosts, that were failed to connect with invalid
        credentials: error code 49 (gh-1478)

* Extreme speedup of all sqlite database operations (gh-1436),
  by using of following sqlite options:
    - (synchronous = OFF) write data through OS without syncing
    - (journal_mode = MEMORY) use memory for the transaction logging
    - (temp_store = MEMORY) temporary tables and indices are kept in memory
* journald journalmatch for pure-ftpd (gh-1362)
* Added additional regex filter for dovecot ldap authentication failures (gh-1370)
* `filter.d/exim*conf`
    - Added additional regexes (gh-1371)
    - Made port entry optional

* tag '0.9.5':
  Added missing files to MANIFEST
  BF: do not rely on long relative path to upstairs config - symlink common.conf

fail2ban/tests/config/filter.d/common.conf

@@ -0,0 +1 @@
+../../../../config/filter.d/common.conf

fail2ban/tests/config/filter.d/zzz-generic-example.conf

@@ -6,8 +6,9 @@
 [INCLUDES]
 
 # Read common prefixes. If any customizations available -- read them from
-# common.local
-before = ../../../../config/filter.d/common.conf
+# common.local.  common.conf is a symlink to the original common.conf and
+# should be copied (dereferenced) during installation
+before = common.conf
 
 [Definition]