BF: Added patch 00_numeric_iptables-L to avoid possible DoS attacks

(introduced upstream in 0.7.6)

debian/changelog

@@ -1,11 +1,13 @@
-fail2ban (0.7.5-2etch1~pre2) stable-security; urgency=low
+fail2ban (0.7.5-2etch1~pre3) stable-security; urgency=low
 
   * NOT RELEASED YET
   * Propagated fix for asctime pattern from 0.7.8 release (closes: #421848)
-  * Propagated fix for not closed log files from 0.7.8-1 
+  * Propagated fix for not closed log files from 0.7.8-1
     (closes: #439962,434368)
   * Propagated fix for "reload" bug which is as sever as #439962 and just
     never was hit by any Debian user yet
+  * Added patch 00_numeric_iptables-L to avoid possible DoS attacks
+    (introduced upstream in 0.7.6)
 
  -- Yaroslav Halchenko <debian@onerussian.com>  Tue, 01 May 2007 22:18:03 -0400
 

debian/patches/00_numeric_iptables-L.dpatch

@@ -0,0 +1,19 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 00_numeric_iptables-L.dpatch by Yaroslav Halchenko <debian@onerussian.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad fail2ban~/config/action.d/iptables.conf fail2ban/config/action.d/iptables.conf
+--- fail2ban~/config/action.d/iptables.conf	2007-11-06 15:00:04.000000000 -0500
++++ fail2ban/config/action.d/iptables.conf	2007-11-06 15:01:33.000000000 -0500
+@@ -27,7 +27,7 @@
+ # Notes.:  command executed once before each fwban command
+ # Values:  CMD
+ #
+-actioncheck = iptables -L INPUT | grep -q fail2ban-<name>
++actioncheck = iptables -n -L INPUT | grep -q fail2ban-<name>
+ 
+ # Option:  fwban
+ # Notes.:  command executed when banning an IP. Take care that the

debian/patches/00list

@@ -3,6 +3,7 @@ X00_rigid_python24
 00_iptables_NEW
 00_close_log
 00_reload
+00_numeric_iptables-L
 10_dbts_manpages
 10_wuftpd_section
 00_mail-whois-lines