* Propagated "Fixed removal of host in hosts.deny" from 0.7.6, to prevent

possible DoS

debian/changelog

@@ -8,6 +8,8 @@ fail2ban (0.7.5-2etch1~pre3) stable-security; urgency=low
     never was hit by any Debian user yet
   * Added patch 00_numeric_iptables-L to avoid possible DoS attacks
     (introduced upstream in 0.7.6)
+  * Propagated "Fixed removal of host in hosts.deny" from 0.7.6, to prevent
+    possible DoS
 
  -- Yaroslav Halchenko <debian@onerussian.com>  Tue, 01 May 2007 22:18:03 -0400
 

debian/patches/00_hostsdeny.dpatch

@@ -0,0 +1,32 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 00_hostsdeny.dpatch by Yaroslav Halchenko <debian@onerussian.com>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad fail2ban~/config/action.d/hostsdeny.conf fail2ban/config/action.d/hostsdeny.conf
+--- fail2ban~/config/action.d/hostsdeny.conf	2007-11-06 16:19:12.000000000 -0500
++++ fail2ban/config/action.d/hostsdeny.conf	2007-11-06 16:19:56.000000000 -0500
+@@ -44,9 +44,7 @@
+ #          <time>  unix timestamp of the ban time
+ # Values:  CMD
+ #
+-actionunban = IP=<ip> &&
+-              grep -v "ALL: $IP" <file> > <tmpfile> &&
+-              mv <tmpfile> <file>
++actionunban = IP=<ip> && sed -i.old /ALL:\ $IP/d <file>
+ 
+ [Init]
+ 
+@@ -55,10 +53,3 @@
+ # Values:  STR  Default:  /etc/hosts.deny
+ #
+ file = /etc/hosts.deny
+-
+-# Option:  file
+-# Notes.:  hosts.deny temporary file path.
+-# Values:  STR  Default:  /etc/hostsdeny.failban
+-#
+-tmpfile = /tmp/hosts.deny.tmp
+-

debian/patches/00list

@@ -8,3 +8,4 @@ X00_rigid_python24
 10_wuftpd_section
 00_mail-whois-lines
 s00_asctime-0.7.8
+00_hostsdeny