Re: Re: [SECURITY] [DSA 2826-1] denyhosts security update
From: Yves-Alexis Perez <corsac () debian org>
Date: Sun, 22 Dec 2013 23:03:22 +0100
On Sun, Dec 22, 2013 at 07:51:29PM +0100, Helmut Grohne wrote:
> The proposed solution is to tighten up the regular expressions for
> matching log file entries. Specifically including the $ pattern to match
> the end of log lines. For your convenience I attach the final patch.
> The Debian security advisory is the initial public disclosure.
> I am not aware of any upstream response to this issue and the last
> denyhosts release is from 2008.
On top of that, we really advise anyone still using denyhosts to switch
to a more maintained solution. fail2ban apparently does the same job. I
can't judge the code quality, but at least someone is taking care of it.
Debian security team
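
Why the end-of-line anchor mentioned in the quoted message matters when a log field is filled from remote input, shown as an added example that is not part of the original message and not denyhosts' code. The patterns, the `source_host` helper and the sample log lines are constructed for illustration and use documentation address ranges.

```python
import re

# Constructed patterns for illustration; these are NOT denyhosts' own regexes.
PREFIX = r"^\w{3} +\d+ [\d:]{8} \S+ sshd\[\d+\]: "

# Loose: searched anywhere in the line, no end anchor, free-form host field.
# The first " from <token>" after "Invalid user" is taken as the source.
LOOSE = re.compile(r"Invalid user (?P<user>.*?) from (?P<host>\S+)")

# Tight: anchored at both ends. The host must be the last field of the line
# (optionally followed by " port N") and may only contain address characters,
# so anything that merely looks like a host inside the user field stays there.
TIGHT = re.compile(
    PREFIX
    + r"Invalid user (?P<user>.*) from (?P<host>[0-9A-Fa-f:.]+)(?: port \d+)?$"
)

# Constructed sample lines (not taken from a real system).
SAMPLE = [
    # Ordinary entry.
    "Dec 22 19:51:29 gw sshd[2201]: Invalid user bob from 192.0.2.10",
    # User field itself contains host-like text; the real peer is the last field.
    "Dec 22 19:51:31 gw sshd[2202]: Invalid user bob from 198.51.100.7 from 192.0.2.10",
    # Unexpected trailing text: a strict parser should refuse to guess.
    "Dec 22 19:51:33 gw sshd[2203]: Invalid user bob from 192.0.2.10 unexpected",
]


def source_host(line, pattern):
    """Return the host the pattern attributes the entry to, or None."""
    match = pattern.search(line.rstrip("\n"))
    return match.group("host") if match else None


def compare(lines):
    """Return (loose_host, tight_host) for every line."""
    return [(source_host(l, LOOSE), source_host(l, TIGHT)) for l in lines]


if __name__ == "__main__":
    for line, (loose, tight) in zip(SAMPLE, compare(SAMPLE)):
        print(f"loose={loose!s:<14} tight={tight!s:<12} | {line}")
```

On the second line the loose pattern attributes the entry to the address embedded in the user field, while the anchored pattern reports the connection's actual last field; on the third it declines to match at all.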