Control: tags -1 + patch

Hi Vincent,

On Mon, Jan 06, 2014 at 06:32:13AM +0100, Helmut Grohne wrote:
> A real fix seems more involved. Suggestions welcome.

Personally I cannot reproduce this issue on any of my machines, but I believe that I understand the cause. Can you test one of the attached patches? I presume that you can build the packages yourself; if not, please contact me.

Note that due to the very likely removal of denyhosts from sid, my patch does not solve the regression for jessie or sid. It only works with older openssh versions from squeeze or wheezy.

The patches are also available as branches from the collab-maint/denyhosts git repository.

Helmut

>From d534d03cae4541c74b66bde7e83e7f2a17e90bf7 Mon Sep 17 00:00:00 2001 From: Helmut Grohne <hel...@subdivi.de> Date: Sun, 12 Jan 2014 19:21:40 +0100 Subject: [PATCH] propose fix for 734329 --- debian/changelog | 7 +++++++ debian/patches/13_CVE-2013-6890.patch | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index c7aa4b8..56b9c26 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +denyhosts (2.6-10+deb7u3) UNRELEASED; urgency=medium + + * Non-maintainer upload by the Security Team. + * Fix regression another regression. Closes: 734329. + + -- Helmut Grohne <hel...@subdivi.de> Sun, 12 Jan 2014 19:19:14 +0100 + denyhosts (2.6-10+deb7u2) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. diff --git a/debian/patches/13_CVE-2013-6890.patch b/debian/patches/13_CVE-2013-6890.patch index d55382b..ed02249 100644 --- a/debian/patches/13_CVE-2013-6890.patch +++ b/debian/patches/13_CVE-2013-6890.patch 
@@ -27,7 +27,7 @@ Index: denyhosts-2.6/DenyHosts/regex.py #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""") -FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") -+FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") ++FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})( port \d+)?( ssh2)?$""") -FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") +FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") -- 1.8.5.2
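Review bot: In the regex.py hunk only FAILED_ENTRY_REGEX gains the optional `( port \d+)?( ssh2)?` tail before `$`; FAILED_ENTRY_REGEX2 on the last line still ends in `})$` directly after the host, so an "Invalid user" or "Illegal user" line that carries any text after the address will not match. Please confirm against logs from the sshd versions in wheezy that those lines end at the IP address, or give FAILED_ENTRY_REGEX2 the same optional tail. The two new groups are unnamed capturing groups, unlike the rest of the pattern; writing them as `(?: port \d+)?(?: ssh2)?` would keep the set of captured groups unchanged.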
>From c5b2a7a84599c26038bbbc8616128118abc30f6e Mon Sep 17 00:00:00 2001 From: Helmut Grohne <hel...@subdivi.de> Date: Sun, 12 Jan 2014 19:25:41 +0100 Subject: [PATCH] propose fix for 734329 --- debian/changelog | 7 +++++++ debian/patches/13_CVE-2013-6890.patch | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/debian/changelog b/debian/changelog index 69aea93..27cccdc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +denyhosts (2.6-7+deb6u3) UNRELEASED; urgency=medium + + * Non-maintainer upload by the Security Team. + * Fix regression another regression. Closes: 734329. + + -- Helmut Grohne <hel...@subdivi.de> Sun, 12 Jan 2014 19:19:14 +0100 + denyhosts (2.6-7+deb6u2) squeeze-security; urgency=high * Non-maintainer upload by the Security Team. diff --git a/debian/patches/13_CVE-2013-6890.patch b/debian/patches/13_CVE-2013-6890.patch index c947986..4272083 100644 --- a/debian/patches/13_CVE-2013-6890.patch +++ b/debian/patches/13_CVE-2013-6890.patch 
@@ -27,7 +27,7 @@ Index: denyhosts-2.6/DenyHosts/regex.py #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""") -FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") -+FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") ++FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})( port \d+)?( ssh2)?$""") -FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""") +FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""") -- 1.8.5.2
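Review bot: The new changelog entry for 2.6-7+deb6u3 reads "Fix regression another regression", which is garbled and does not say what was changed. Suggest wording that names the change, for instance that FAILED_ENTRY_REGEX in 13_CVE-2013-6890.patch now accepts an optional " port N" and " ssh2" after the host address, so that someone reading the changelog can tell which log lines were affected. The same sentence appears in the 2.6-10+deb7u3 entry of the wheezy patch.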