changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff absorbed upstream

debian/changelog

@@ -19,6 +19,8 @@ fail2ban (0.8.11-1) unstable; urgency=low
     - changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff
       post-release change to support native proftpd date format which
       includes milliseconds (Closes: #648276)
+    - changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff
+      absorbed upstream
 
  -- Yaroslav Halchenko <debian@onerussian.com>  Sun, 17 Nov 2013 17:29:06 -0500
 

debian/patches/changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff

@@ -1,17 +0,0 @@
-From: Yaroslav Halchenko <debian@onerussian.com>
-Subject: BF: anchor introduced nginx-http-auth at the end
-  needed since request probably could be not a correct HTTP statement but
-continue with all those to match till the end and then injected ", client:
-VICTIM, server..." thus allowing injection.  We better anchor at the end then
-
---- a/config/filter.d/nginx-http-auth.conf
-+++ b/config/filter.d/nginx-http-auth.conf
-@@ -4,7 +4,7 @@
- [Definition]
- 
- 
--failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"
-+failregex = ^ \[error\] \d+#\d+: \*\d+ user "\S+":? (password mismatch|was not found in ".*"), client: <HOST>, server: \S+, request: "\S+ \S+ HTTP/\d+\.\d+", host: "\S+"\s*$
- 
- ignoreregex = 
- 

debian/patches/series

@@ -1,3 +1,2 @@
 changeset_d4f6ca4f8531f332bcb7ce3a89102f60afaaa08e.diff
 deb_manpages_reportbug
-changeset_ac061155f093464fb6cd2329d3d513b15c68e256.diff