Merge pull request #420 from yarikoptic/enh/release-0.8.11

DOC: release 0.8.11 - ChangeLog tidy

ChangeLog

@@ -4,39 +4,36 @@
                        |_| \__,_|_|_/___|_.__/\__,_|_||_|
 
 ================================================================================
-Fail2Ban (version 0.8.11.pre1)																				2013/10/30
+Fail2Ban (version 0.8.11.pre1)                                        2013/10/30
 ================================================================================
 
-ver. 0.8.11 (2013/11/XXX) - loves-unittests and tight, DoS free, filter regexes
+ver. 0.8.11 (2013/11/XXX) - loves-unittests-and-tight-DoS-free-filter-regexes
 -----------
 
-In light of CVE-2013-2178 that triggered our last release we have put a
+In light of CVE-2013-2178 that triggered our last release we have put
-significant effort into tightening all of the regexs of our filters to avoid
+a significant effort into tightening all of the regexs of our filters
-another similar vulnerability. All filters have been updated and some to
+to avoid another similar vulnerability. All filters have been updated
-include more failure regexs supporting previously unbanned failures and
+and some to catch more login/authentication failures and to support
-support for newer application versions too. There are test cases for most log
+for newer application versions. There are test cases for most log
 cases of failures now.
 
-As usual if you have other examples that demonstrate that a filter is
+As usual, if you have other examples that demonstrate that a filter is
-insufficient please give us an example log line on the github issue tracker
+insufficient, or if we have inadvertently introduced a regression,
-http://github.com/fail2ban/fail2ban/issues and NOT on a random blog in some
+please provide us with example log lines on the github issue tracker
-obscure corner of the Internet.
+http://github.com/fail2ban/fail2ban/issues and NOT on a random blog in
+some obscure corner of the Internet.
 
-During the tightening of the regexs to avoid DoS vulnerabilities there is the
+- IMPORTANT incompatible changes:
-possibility that we have inadvertently, despite our best intentions,
+  Filter name changes:
-incorrectly allowed a failure to continue. We will fix this as quickly as
+   * 'lighttpd-fastcgi' filter has been renamed to 'suhosin'
-humanly possible.
+   * 'sasl' has been renamed to 'postfix-sasl'
-
+   * 'exim' spam catching failregexes was split out into 'exim-spam'
-IMPORTANT incompatible changes:
+  These changes will require changing jail.{conf,local} if any of
-	Filter name changes:
+  those filters were used.
-   *  'lighttpd-fastcgi' filter has been renamed to 'suhosin'
-	 * 'sasl' has been renamed to 'postfix-sasl'
-   These will require changing in jail.{conf,local} if using these filters.
-	Exim filter has been split into an spam and a relay/auth filter.
 
 - Fixes:
   Daniel Black & Marcel Dopita
-   * filter.d/apache-auth -- fixed and apache auth samples provide. closes #286
+   * filter.d/apache-auth -- fixed and apache auth samples provide. Closes gh-286
   Yaroslav Halchenko
    * filter.d/common.conf -- make colon after [daemon] optional. Closes gh-267
    * filter.d/apache-common.conf -- support apache 2.4 more detailed error
@@ -62,8 +59,8 @@ IMPORTANT incompatible changes:
    * filter.d/asterisk -- more regexes
   Daniel Black
    * action.d/hostsdeny -- NOTE: new dependancy 'ed'. Switched to use 'ed' across
-     all platforms to ensure permissions are the same before and after a ban -
+     all platforms to ensure permissions are the same before and after a ban.
-     closes gh-266. hostsdeny supports daemon_list now too.
+     Closes gh-266. hostsdeny supports daemon_list now too.
    * action.d/bsd-ipfw - action option unsed. Change blocktype to port unreach
      instead of deny for consistancy.
    * filter.d/dovecot - added to support different dovecot failure
@@ -89,7 +86,7 @@ IMPORTANT incompatible changes:
      https://bugzilla.redhat.com/show_bug.cgi?id=998020
   John Doe (ache)
    * action.d/bsd-ipfw.conf - invert actionstop logic to make exist status 0.
-     closes gh-343.
+     Closes gh-343.
   JP Espinosa (Reviewed by O.Poplawski)
    * files/redhat-initd - rewritten to use stock init.d functions thus
      avoiding problems with getpid.  Also $network and iptables moved
@@ -110,7 +107,7 @@ IMPORTANT incompatible changes:
   Daniel Black & ykimon
    * filter.d/3proxy.conf -- filter added
    * fail2ban-regex - now generates http://www.debuggex.com urls for debugging
-	 	 regular expressions with the -D parameter.
+     regular expressions with the -D parameter.
   Daniel Black
    * filter.d/exim-spam.conf -- a splitout of exim's spam regexes
      with additions for greater control over filtering spam.
@@ -131,8 +128,8 @@ IMPORTANT incompatible changes:
    * reorder parsing of jail.conf, jail.d/*.conf, jail.local, jail.d/*.local
      and likewise for fail2ban.{conf|local|d/*.conf|d/*.local}. Closes gh-392
    * jail.conf now has asterisk jail - no need for asterisk-tcp and
-	   asterisk-udp. Users should replace existing jails with asterisk to 
+     asterisk-udp. Users should replace existing jails with asterisk to
-		 reduce duplicate parsing of the asterisk log file.
+     reduce duplicate parsing of the asterisk log file.
    * filter.d/{suhosin,pam-generic,gssftpd,sogo-auth,webmin}- regex anchor at
      start
    * filter.d/vsftpd - anchored regex at start. disable old pam format regex
@@ -163,7 +160,7 @@ IMPORTANT incompatible changes:
    * filter.d/{courier{login,smtp},proftpd,sieve,wuftpd,xinetd} - General
      regex impovements
   Zurd
-   * filter.d/postfix - add filter for VRFY failures. closes gh-322.
+   * filter.d/postfix - add filter for VRFY failures. Closes gh-322.
   Orion Poplawski
    * fail2ban.d/ and jail.d/ directories are added to etc/fail2ban to facilitate
      their use