Date: Sun, 22 Dec 2013 23:03:22 +0100
From: Yves-Alexis Perez <corsac@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: Re: [SECURITY] [DSA 2826-1] denyhosts security update

On Sun, Dec 22, 2013 at 07:51:29PM +0100, Helmut Grohne wrote:
> The proposed solution is to tighten up the regular expressions for
> matching log file entries. Specifically including the $ pattern to match
> the end of log lines. For your convenience I attach the final patch.
>
> The Debian security advisory is the initial public disclosure.
>
> I am not aware of any upstream response to this issue and the last
> denyhosts release is from 2008.

On top of that, we really advise anyone still using denyhosts to switch to a
more maintained solution. fail2ban apparently does the same job. I can't judge
the code quality, but at least someone is taking care of it.

Regards,
--
Yves-Alexis Perez
Debian security team