Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20131222220322.GB25293@scapa.corsac.net>
Date: Sun, 22 Dec 2013 23:03:22 +0100
From: Yves-Alexis Perez <corsac@...ian.org>
To: oss-security@...ts.openwall.com
Subject: Re: Re: [SECURITY] [DSA 2826-1] denyhosts security
 update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On Sun, Dec 22, 2013 at 07:51:29PM +0100, Helmut Grohne wrote:
> The proposed solution is to tighten up the regular expressions for
> matching log file entries. Specifically including the $ pattern to match
> the end of log lines. For your convenience I attach the final patch.
> 
> The Debian security advisory is the initial public disclosure.
> 
> I am not aware of any upstream response to this issue and the last
> denyhosts release is from 2008.

On top of that, we really advise anyone still using denyhosts to switch
to a more maintained solution. fail2ban apparently does the same job. I
can't judge the code quality, but at least someone is taking care of it.

Regards,
- -- 
Yves-Alexis Perez
Debian security team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBCgAGBQJSt2GnAAoJEG3bU/KmdcClyB4H/2TIISrDlhgv5nQUcp01Y96H
Y0XIJBgA/2C03AKnk7TtBHc0KB79DuaTVP9YljtqDmYWZ8t1S0D+ZBmZvqZA0yRy
OvBDqRu180lRUHfZNVtzcmigqaNABCbjpMXSRhHoJ9wyuMO/vYvzV89fwTLMnUjA
xR6sDLT9Mr7VQi2HqCdLzxB9TgVjpKEdyGcYZJRpxosEJtbT3cQMPf936ZLbZTKr
WJcLdnCv9Bjt48EtUtAm/2OYbiLe7uWRruD5d0hffA6wTqlPPR+6WJFNDKl4GzOy
4LTBEhUuNTKjvWGti4olkGwmiYiyknLnLOpC4+sT3rfNe8XuR3/6r6LdvepNUZ8=
=gtu+
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.