Fedora 34: fail2ban 2021-0ab8f6a19a
Summary
Fail2Ban scans log files and bans IP addresses that makes too many password
failures. It updates firewall rules to reject the IP address. These rules can
be defined by the user. Fail2Ban can read multiple log files such as sshd or
Apache web server ones.
Fail2Ban is able to reduce the rate of incorrect authentications attempts
however it cannot eliminate the risk that weak authentication presents.
Configure services to use only two factor or public/private authentication
mechanisms if you really want to protect services.
This is a meta-package that will install the default configuration. Other
sub-packages are available to install support for other actions and
configurations.
Address CVE CVE-2021-32749.
* Sun Sep 26 2021 Mikel Olasagasti Uranga
- Fix CVE-2021-32749 RHBZ#1983223
* Wed Jul 21 2021 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Mon Jun 7 2021 Python Maint
- Rebuilt for Python 3.10
[ 1 ] Bug #1983223 - CVE-2021-32749 fail2ban: Command injection via mail comand [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1983223
su -c 'dnf upgrade --advisory FEDORA-2021-0ab8f6a19a' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
FEDORA-2021-0ab8f6a19a 2021-10-19 00:36:08.674333 Product : Fedora 34 Version : 0.11.2 Release : 9.fc34 URL : https://github.com/fail2ban/fail2ban Summary : Daemon to ban hosts that cause multiple authentication errors Description : Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones. Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services. This is a meta-package that will install the default configuration. Other sub-packages are available to install support for other actions and configurations. Address CVE CVE-2021-32749. * Sun Sep 26 2021 Mikel Olasagasti Uranga - 0.11.2-9 - Fix CVE-2021-32749 RHBZ#1983223 * Wed Jul 21 2021 Fedora Release Engineering - 0.11.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Mon Jun 7 2021 Python Maint - 0.11.2-7 - Rebuilt for Python 3.10 [ 1 ] Bug #1983223 - CVE-2021-32749 fail2ban: Command injection via mail comand [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1983223 su -c 'dnf upgrade --advisory FEDORA-2021-0ab8f6a19a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Change Log
References