fail2ban/debian/changelog

206 lines
7.9 KiB
Plaintext

fail2ban (0.6.0-1) unstable; urgency=low
* Merged with the latest stable upstream release. That incure some
changes for the Debian configuration of the package to be more
upstream-like. Visible one is: subject in the sent email includes
section outside of "[Fail2Ban]"
-- Yaroslav Halchenko <debian@onerussian.com> Sun, 20 Nov 2005 14:56:41 -0500
fail2ban (0.5.4-10) unstable; urgency=low
* Fixed the order of ssh and apache rules to avoid possible race
condition (Thanks to Jefferson Cowart for the bug report) (closes:
#339133)
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 14 Nov 2005 23:44:45 -0500
fail2ban (0.5.4-9) unstable; urgency=low
* Fixed init.d script so it doesn't return non-0 status if fail2ban is not
running. That fixes issues with purging the package and leaving garbage in
/usr/share/fail2ban (Thanx to Justin Pryzby for the insight)
(closes: #337223)
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 3 Nov 2005 17:05:20 -0500
fail2ban (0.5.4-8) unstable; urgency=low
* Added config option MAIL.localtime (closes: #336449)
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 31 Oct 2005 16:53:19 -0500
fail2ban (0.5.4-7) unstable; urgency=low
* Adjusted init.d script so it is resistant to delayed shutdowns of
fail2ban and in general more stable
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 20 Oct 2005 21:22:03 -0400
fail2ban (0.5.4-6.2) unstable; urgency=low
* Fixed typos (thanx to Ross Boylan).
* Robust startup: if iptables module gets fully initialized after
startup of fail2ban, fail2ban will do "maxreinit" attempts to
initialize its own firewall. It will sleep between attempts for
"polltime" number of seconds (closes: #334272).
* To overcome possible conflict with other firewall solutions and as a
secondary solution for the bug 334272, fail2ban startup is moved
during bootup to the latest (S99) sequenece position. That should not
cause any discomfort I believe.
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 18 Oct 2005 15:54:38 -0400
fail2ban (0.5.4-5.14) unstable; urgency=low
* Added a notification regarding the importance of 0.5.4-5 change of
failregex in the config file.
* Adjusted address to FSF.
* Adjusted failregex for SSH so it bans "Illegal user" entries as well, and
restricted full failregex more to include ":" at the beginning, because
otherwise it might not be sufficient and would revive bug 330827 (closes:
#333056).
* Adjusted failregex for SSH to accommodate recent changes in logging of
SSH: Illegal -> Invalid. Should match both now.
* Fixed a problem of raise AttributeError exception reported as a side
effect of crash during parsing of the config file.
* Introduced fwcheck option to verify consistency of the
chains. Implemented automatic restart of fail2ban main function in
case check of fwban or fwunban command failed (closes: #329163, #331695).
(Introduced patch was further adjusted by upstream author).
* Added -f command line parameter for [findtime].
* Fixed the issue of not respecting command line parameters for parameters
within sections.
* Added -e command line parameter to provide enabled sections from command
line.
* Added a cleanup of firewall rules on emergency shutdown when unknown
exception is catched.
* Fail2ban should not crash now if a wrong file name is specified in
config.
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 3 Oct 2005 22:26:28 -1000
fail2ban (0.5.4-5) unstable; urgency=low
* Made failregex'es more specific to don't allow usernames to be used as a
tool for denial of service attacks. Config files (or at least
failregex'es) must be updated from this package, otherwise the security
breach would remain open and only warning gets issued (closes: #330827)
-- Yaroslav Halchenko <debian@onerussian.com> Sat, 1 Oct 2005 02:42:23 -1000
fail2ban (0.5.4-4) unstable; urgency=low
* On a request from Calum Mackay added reporting of the enabled sections
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 29 Sep 2005 11:20:43 -1000
fail2ban (0.5.4-3) unstable; urgency=low
* Resolved the mystery of debug mode in which commands are not really
executed: added verbose option to config file, removed -v from
/etc/default/fail2ban, reordered code a bit so that log targets are
setup right after background and then only loglevel (verbose,debug) is
processed, so the warning could be seen in the logs
-- Yaroslav Halchenko <debian@onerussian.com> Thu, 29 Sep 2005 00:20:43 -1000
fail2ban (0.5.4-2) unstable; urgency=low
* Now exporting PATH explicitely in init.d/fail2ban script, to avoid
problems finding iptables in the cases when PATH was not exported outside
(cfengine, broken shell environment) (closes: #329304)
* Removed -b from start-stop-daemon because fail2ban detahes on its own
* Added @localhost to MAIL:from and MAIL:to in fail2ban.conf and placed
a note to README.Debian regarding necessity to specify full email
address in MAIL:from (closes: #329722)
* Added a keyword <section> in parsing of the subject and the body of an
email sent out by fail2ban (closes: #330311)
-- Yaroslav Halchenko <debian@onerussian.com> Wed, 27 Sep 2005 08:09:06 -0400
fail2ban (0.5.4-1) unstable; urgency=low
* New upstream release
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 20 Sep 2005 12:19:19 -0400
fail2ban (0.5.3-2) unstable; urgency=low
* Refined comments in README.Debian
* Reindented init.d script
P.S. Was not released
-- Yaroslav Halchenko <debian@onerussian.com> Sun, 11 Sep 2005 15:19:44 -0400
fail2ban (0.5.3-1) unstable; urgency=low
* New upstream release
-- Yaroslav Halchenko <debian@onerussian.com> Fri, 9 Sep 2005 16:55:00 -0400
fail2ban (0.5.2-5) unstable; urgency=low
* Included a patch from Stephen Gildea to provide "status" report by
init.d script
* Included a note in README.Debian regarding the fail2ban iptable's
chains
-- Yaroslav Halchenko <debian@onerussian.com> Fri, 9 Sep 2005 14:52:24 -0400
fail2ban (0.5.2-4) unstable; urgency=low
* Format of SYSLOG entries is up to the standard now
-- Yaroslav Halchenko <debian@onerussian.com> Fri, 19 Aug 2005 00:06:44 -1000
fail2ban (0.5.2-3) unstable; urgency=low
* Fixed errata in /etc/default/fail2ban (closes: #323451)
* Fixed handling of SYSLOG logging target. Now it can log to any syslog
target and facility as directed by the config (revisions 160:166 patch
from syslog branch) (closes: #323543)
* Included upstream README and TODO
* Mentioned in README.Debian that apache section is disabled by default
* Adjusted man pages to cross-reference each other
* Moved fail2ban man page under section 8 as in upstream
* Introduced findtime configuration variable to control the lifetime
of caught "failed" log entries (closes: #323840)
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 16 Aug 2005 11:23:28 -1000
fail2ban (0.5.2-2) unstable; urgency=low
* Updated description to reflect flexibility in application of fail2ban
* Included logrotate (Thanks to Baruch Even)
-- Yaroslav Halchenko <debian@onerussian.com> Sat, 13 Aug 2005 04:51:57 -0400
fail2ban (0.5.2-1) unstable; urgency=low
* New upstream release
* No log4py any more
* removed -i eth0 from config
-- Yaroslav Halchenko <debian@onerussian.com> Sat, 6 Aug 2005 09:21:07 -1000
fail2ban (0.5.1-1) unstable; urgency=low
* New upstream release
-- Yaroslav Halchenko <debian@onerussian.com> Sat, 23 Jul 2005 08:50:00 -1000
fail2ban (0.5.0-1) unstable; urgency=low
* New upstream release
* Libraries placed under /usr/share/fail2ban instead of /usr/lib/fail2ban
* Corrections to the description of the package
-- Yaroslav Halchenko <debian@onerussian.com> Tue, 12 Jul 2005 23:33:20 -1000
fail2ban (0.4.1-1) unstable; urgency=low
* First upstream release of a Debian package
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 04 Jul 2005 11:47:23 +0300