added a notification regarding configuration file
Yaroslav Halchenko
18 years ago
|
0 |
fail2ban (0.5.4-5post1) unstable; urgency=low
|
|
1 |
|
|
2 |
* Added a notification regarding the importance of 0.5.4-5 change of
|
|
3 |
failregex in the config file
|
|
4 |
|
|
5 |
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 3 Oct 2005 22:26:28 -1000
|
|
6 |
|
| 0 | 7 |
fail2ban (0.5.4-5) unstable; urgency=low
|
| 1 | 8 |
|
| 2 | 9 |
* Made failregex'es more specific to don't allow usernames to be used as a
|
| 15 | 15 |
# for details, see http://www.debian.org/doc/debian-policy/ or
|
| 16 | 16 |
# the debian-policy package
|
| 17 | 17 |
#
|
|
18 |
preversion=$2
|
| 18 | 19 |
|
| 19 | 20 |
case "$1" in
|
| 20 | 21 |
configure)
|
| 21 | 22 |
# To fix the bug in generated by previous version files permissions
|
| 22 | 23 |
LOG=/var/log/fail2ban.log
|
| 23 | 24 |
[ -f $LOG ] && chmod go-w $LOG
|
|
25 |
|
|
26 |
# Note regarding changed configuration file
|
|
27 |
if [ ! -z $preversion ] \
|
|
28 |
&& dpkg --compare-versions $preversion lt 0.5.4-5;
|
|
29 |
then
|
|
30 |
cat <<EOF
|
|
31 |
WARNING!
|
|
32 |
Configuration file /etc/fail2ban.conf, failregex configuration parameter
|
|
33 |
specificly, were changed in 0.5.4-5 to close reported security breach.
|
|
34 |
|
|
35 |
Unless configuration file (or corresponding failregex'es) gets updated,
|
|
36 |
security breach is not closed and corresponding warning will be reported
|
|
37 |
by the fail2ban (in the log files).
|
|
38 |
|
|
39 |
Please review the configuration file and make appropriate changes.
|
|
40 |
ENJOY!
|
|
41 |
|
|
42 |
EOF
|
|
43 |
fi
|
|
44 |
|
| 24 | 45 |
;;
|
| 25 | 46 |
|
| 26 | 47 |
abort-upgrade|abort-remove|abort-deconfigure)
|