Hi Helmut, Thanks for showing some care for this package. The main reason for me to want to support denyhosts was the possibility of the synchronisation server. I have since written a (AGPL licensed) replacement for the original, closed source, server, starting from Anne Bezemer's suggestion in Debian bug#622697.
I may consider offering to do the security support for denyhosts for at least the stretch support period, but I'm not sure what that would mean exactly. Is the main work in following CNEs for the package and fixing them for Debian (and preferably upstream as well)? Another possibility might be to work with fail2ban upstream to also support my, or another, synchronisation server, but I'm not sure if they would be willing to accept patches to that effect. > * Your upload reintroduces security bug #692229. You're right. I checked whether all Debian patches had been implemented upstream, must have missed this one. > * Due to the removal of denyhosts from Debian, the following bugs were > closed by the ftp masters: > > #395565 #436417 #497485 #514024 #529089 #546772 #597956 #567209 #611756 > #622697 #643031 #720130 #729322 #731963 > > Please evaluate which of them need to be reopened or failing that > reopen all of them. Of course, I was planning to do that. Jan-Pascal
