Package: fail2ban Severity: normal User: [email protected] Usertags: opu
Please consider the attached diff for CVE-2009-5023, closing #544232. It's the same as for unstable and stable with parts removed for missing files. Thanks -- Jonathan Wiltshire [email protected] Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
diff -u fail2ban-0.8.3/debian/changelog fail2ban-0.8.3/debian/changelog --- fail2ban-0.8.3/debian/changelog +++ fail2ban-0.8.3/debian/changelog @@ -1,3 +1,11 @@ +fail2ban (0.8.3-2sid1+lenny1) oldstable; urgency=low + + * Non-maintainer upload. + * [e2232fc] Backport patch to fix CVE-2009-5023: Insecure creation of + tempfile (Closes: #544232) + + -- Jonathan Wiltshire <[email protected]> Thu, 28 Jul 2011 16:09:16 +0100 + fail2ban (0.8.3-2sid1) unstable; urgency=low * NF: adding unittests for previous commit only in patch2: unchanged: --- fail2ban-0.8.3.orig/config/action.d/mail-buffered.conf +++ fail2ban-0.8.3/config/action.d/mail-buffered.conf @@ -81,7 +81,7 @@ # Default temporary file # -tmpfile = /tmp/fail2ban-mail.txt +tmpfile = /var/run/fail2ban/tmp-mail.txt # Destination/Addressee of the mail # only in patch2: unchanged: --- fail2ban-0.8.3.orig/config/action.d/sendmail-buffered.conf +++ fail2ban-0.8.3/config/action.d/sendmail-buffered.conf @@ -101,5 +101,5 @@ # Default temporary file # -tmpfile = /tmp/fail2ban-mail.txt +tmpfile = /var/run/fail2ban/tmp-mail.txt
signature.asc
Description: Digital signature
