Package: fail2ban Version: 1.1.0-4 Severity: serious Tags: upstream fixed-upstream
The fail2ban sshd.conf filter does not works with OpenSSH 9.8. This is due to openssh (1:9.8p1-1) unstable; urgency=medium * New upstream release (https://www.openssh.com/releasenotes.html#9.8p1): [...] - sshd(8): several log messages have changed. In particular, some log messages will be tagged with as originating from a process named "sshd-session" rather than "sshd". This was fixed upstream several weeks ago: https://github.com/fail2ban/fail2ban/pull/3782 As seen at https://github.com/fail2ban/fail2ban/pull/3782/files the change is quite simple: change _daemon = sshd to _daemon = sshd(?:-session)? (As sshd.conf is a conffile, the user might already fix this on his side, but it must be correct by default, in particular for the next Debian release.) -- System Information: Debian Release: trixie/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.10.3-amd64 (SMP w/16 CPU threads; PREEMPT) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fail2ban depends on: ii python3 3.12.4-1 ii python3-systemd 235-1+b4 Versions of packages fail2ban recommends: ii iptables 1.8.10-4 ii nftables 1.1.0-2 ii python3-pyinotify 0.9.6-3 ii whois 5.5.23 Versions of packages fail2ban suggests: ii mailutils [mailx] 1:3.17-2+b1 pn monit <none> ii sqlite3 3.46.0-1 pn system-log-daemon <none> -- no debconf information -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
