Am 29.04.15 um 15:04 schrieb Yaroslav Halchenko:
> Dear All,
>
> On behalf of everyone who contributed (and there were 17 people) to the
> development of Fail2Ban since 0.9.1, I am proud to announce that
>
> 0.9.2 was tagged on GitHub, and uploaded to Debian sid. master branch is
> ready to accept new PRs but you might need to re-merge master into it or
> rebase
> on top of it.
>
> I have also uploaded backport builds of Debian package to -devel
> repository of the NeuroDebian happen you would like to try your luck using
> Fail2Ban on previous releases of Debian or Ubuntu. Those builds (for older
> than jessie/Ubuntu 14.10) differ from stock Debian sid build that they still
> use Python 2 while upload to sid uses Python 3 since there is only
> python3-systemd package now.
>
> Thanks once again to everyone who contributed by commits/pull-requests
> and/or helping out on the issue tracker and mailing list! Even though we
> have planned few more things to be done for this release, imho it is better to
> release now (already behind any non-schedule) than drag it even longer.
>
> Changelog for this release is quite respectful anyways in terms of new
> features
> and fixes -- so I once again applaud to everyone who was involved: keep up the
> great work!
>
>
> ver. 0.9.2 (2015/04/29) - better-quick-now-than-later
> ----------
>
> - Fixes:
> * Fix ufw action commands
> * infinite busy loop on _escapedTags match in substituteRecursiveTags
> gh-907.
> Thanks TonyThompson
> * port[s] typo in jail.conf/nginx-http-auth gh-913. Thanks Frederik Wagner
> (fnerdwq)
> * $ typo in jail.conf. Thanks Skibbi. Debian bug #767255
> * grep'ing for IP in *mail-whois-lines.conf should now match also
> at the beginning and EOL. Thanks Dean Lee
> * jail.conf
> - php-url-fopen: separate logpath entries by newline
> * failregex declared direct in jail was joined to single line (specifying
> of
> multiple expressions was not possible).
> * filters.d/exim.conf - cover different settings of exim logs
> details. Thanks bes.internal
> * filter.d/postfix-sasl.conf - failregex is now case insensitive
> * filters.d/postfix.conf - add 'Client host rejected error message'
> failregex
> * fail2ban/__init__.py - add strptime thread safety hack-around
> * recidive uses iptables-allports banaction by default now.
> Avoids problems with iptables versions not understanding 'all' for
> protocols and ports
> * filter.d/dovecot.conf
> - match pam_authenticate line from EL7
> - match unknown user line from EL7
> * Use use_poll=True for Python 2.7 and >=3.4 to overcome "Bad file
> descriptor" msgs issue (gh-161)
> * filter.d/postfix-sasl.conf - tweak failregex and add ignoreregex to
> ignore
> system authentication issues
> * fail2ban-regex reads filter file(s) completely, incl. '.local' file etc.
> (gh-954)
> * firewallcmd-* actions: split output into separate lines for grepping
> (gh-908)
> * Guard unicode encode/decode issues while storing records in the
> database.
> Fixes "binding parameter error (unsupported type)" (gh-973), thanks to
> kot
> for reporting
> * filter.d/sshd added regex for matching openSUSE ssh authentication
> failure
> * filter.d/asterisk.conf:
> - Dropped "Sending fake auth rejection" failregex since it incorrectly
> targets the asterisk server itself
> - match "hacking attempt detected" logs
>
> - New Features:
> - New filters:
> - postfix-rbl Thanks Lee Clemens
> - apache-fakegooglebot.conf Thanks Lee Clemens
> - nginx-botsearch Thanks Frantisek Sumsal
> - drupal-auth Thanks Lee Clemens
> - New recursive embedded substitution feature added:
> - `<<PREF>HOST>` becomes `<IPV4HOST>` for PREF=`IPV4`;
> - `<<PREF>HOST>` becomes `1.2.3.4` for PREF=`IPV4` and
> IPV4HOST=`1.2.3.4`;
> - New interpolation feature for config readers - `%(known/parameter)s`.
> (means last known option with name `parameter`). This interpolation
> makes
> possible to extend a stock filter or jail regexp in .local file
> (opposite to simply set failregex/ignoreregex that overwrites it),
> see gh-867.
> - Monit config for fail2ban in files/monit/
> - New actions:
> - action.d/firewallcmd-multiport and action.d/firewallcmd-allports
> Thanks Donald Yandt
> - action.d/sendmail-geoip-lines.conf
> - action.d/nsupdate to update DNSBL. Thanks Andrew St. Jean
> - New status argument for fail2ban-client -- flavor:
> fail2ban-client status <jail> [flavor]
> - empty or "basic" works as-is
> - "cymru" additionally prints (ASN, Country RIR) per banned IP
> (requires dnspython or dnspython3)
> - Flush log at USR1 signal
>
> - Enhancements:
> * Enable multiport for firewallcmd-new action. Closes gh-834
> * files/debian-initd migrated from the debian branch and should be
> suitable for manual installations now (thanks Juan Karlo de Guzman)
> * Define empty ignoreregex in filters which didn't have it to avoid
> warnings (gh-934)
> * action.d/{sendmail-*,xarf-login-attack}.conf - report local
> timezone not UTC time/zone. Closes gh-911
> * Conditionally log Ignore IP with reason (dns, ip, command). Closes
> gh-916
> * Absorbed DNSUtils.cidr into addr2bin in filter.py, added unittests
> * Added syslogsocket configuration to fail2ban.conf
> * Note in the jail.conf for the recidive jail to increase dbpurgeage
> (gh-964)
>
>
>
Dear Yaroslav!
Thank you for tagging the release. It would be great if you could mark the tag
as Release in Github and add your changelogs!
Best regards,
Johannes
--
Johannes Weberhofer
Weberhofer GmbH, Austria, Vienna
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
