* 'exim' of https://github.com/grooverdan/fail2ban:
DOC: credits/blame to me for changes to exim
ENH: new exim filter regexs. Also note a begining PID in this format. Thanks to ftoppi for the log entries
TST/ENH: Improve regex around exim
otherwise it
1. 'interferes' with meaninful output of the client
2. if ERROR is logged it better go to stderr and separating ERROR from other levels is not that transparent with python's logging
* 'master' of https://github.com/yarikoptic/fail2ban:
DOC: Changelog for fail2ban-regex RF
ENH: fail2ban-regex -- add specification of loglevels to enable
RF: reworked -regex cmdline tool to use optparse, some unification and enhancement of outputs
ENH: 'heavydebug' level == 5 for even more debugging in tricky cases
Conflicts:
ChangeLog
* '3proxy' of https://github.com/grooverdan/fail2ban:
BF: fix to proxy port in 3proxy example
ENH: sample log + more specific regex
BF: authentication errors end in 01-09 but the beginning part indicates the service as per https://github.com/fail2ban/fail2ban/issues/246#issuecomment-19327955 thanks to ykimon
BF: need to anchor the start to avoid another repeat of DoS injection like Apache
ENH: stricter regex thanks to Steven Hiscocks (kwirk)
DOC: credits
Conflicts:
ChangeLog
* 'exim' of https://github.com/grooverdan/fail2ban:
BF/ENH: Incorrect authentication data doesn't need tailier so that's optional. Also gained log entry for Unrouteable address
ENH: readibility thanks to Yaroslav
ENH/BF: exim improvements with sample
Conflicts:
ChangeLog
* 'proftpd' of https://github.com/grooverdan/fail2ban:
ENH: proftpd chan accept usernames with spaces
ENH: injection of fail data into USER field
ENH: proftp regex hardening and log messages
Conflicts:
ChangeLog
* 'dovecot' of https://github.com/grooverdan/fail2ban:
TST: attempts at injection with username=rhost=1.2.3.4 have no user= logged in dovecot-1.2.15
ENH: dovecot regexs rewritten and extra failures
Conflicts:
ChangeLog -- merged entries
* 'assp' of https://github.com/grooverdan/fail2ban:
BF: missed a space
BF: [SSL-out] is optional in assp
ENH: regex hardening on assp
Conflicts:
ChangeLog -- merged the two entries into 1
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlG4rtUACgkQjRFFY3XAJMhs/wCgsckW7ZfzhhQ2qGK+ZPiovg25
b9oAn3Yno88518YaISGbPqMhHMfrncU+
=LQh1
-----END PGP SIGNATURE-----
Merge tag '0.8.10' into debian
Release 0.8.10 -- wanna-be-secure, addresses possible DoS with apache- filters
* tag '0.8.10': (25 commits)
DOC: add information on where to report vulnerabilities + pointer to HOWTO_Seek_Help
Changes for 0.8.10 release (changelog, version, etc)
BF: anchor apache- filters. Close#248
DOC: credits for gh-244
Filter Asterisk: Add sample log entry to testcase.
Filter Asterisk: Add AUTH_UNKNOWN_DOMAIN error to list
ENH: purge a few more .*
DOC: credits
DOC: how to do filter enhancements
TST: normalize logs to use example.com and 1.2.3.4 as IP
ENH/BF: constrain regex. Fix ACL error regex
ENH: port optional
Changelog for previous PR
DOC: Changelog entry fro preceeding merge from Terence
TST: Fix fail2ban.conf reader test for unreliable dictionary order
failregex when roundcube log driver is set to 'syslog'
fixed failregex line for roundcube 0.9+
TST: test all stock jails to have actions and correctly specifying blocktype
CFG: assure actions for all the jails
BF: blocktype must be defined within [Init] -- adding [Init] section. Close#232
...
originally following command was used to add header to all config files:
sed -ie '/# Author/ i\# Please report vulnerabilities to fail2ban-vulnerabilities at lists dot sourceforge dot net\n# and see http://www.fail2ban.org/wiki/index.php/HOWTO_Seek_Help for generic bug-reports.\n#' action.d/* filter.d/*
but it would be overkill ATM causing havoc in user-tuned configs -- postponed for now
Also adjusted the release date for today (by mistake in 1 commit ... sorry)
Yaroslav Halchenko