Debian Bug report logs - #544232
fail2ban: Insecure creating/writing to tmpfile


Package: fail2ban; Maintainer for fail2ban is Yaroslav Halchenko <debian@onerussian.com>; Source for fail2ban is src:fail2ban.

Reported by: Tomasz Papszun <tomek@lodz.tpsa.pl>

Date: Sat, 29 Aug 2009 21:09:01 UTC

Severity: important

Tags: lenny, security, squeeze

Found in versions fail2ban/0.8.4-3, fail2ban/0.8.3-2sid1

Fixed in version fail2ban/0.8.4+svn20110323-1

Done: Yaroslav Halchenko <debian@onerussian.com>

Bug is archived. No further changes may be made.

Forwarded to Cyril Jaquier <cyril.jaquier@fail2ban.org>



Report forwarded to debian-bugs-dist@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>:
Bug#544232; Package fail2ban. (Sat, 29 Aug 2009 21:09:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Tomasz Papszun <tomek@lodz.tpsa.pl>:
New Bug report received and forwarded. Copy sent to Yaroslav Halchenko <debian@onerussian.com>. (Sat, 29 Aug 2009 21:09:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Tomasz Papszun <tomek@lodz.tpsa.pl>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: fail2ban: Insecure creating/writing to tmpfile
Date: Sat, 29 Aug 2009 23:07:50 +0200
Package: fail2ban
Version: 0.8.3-2sid1
Severity: important

The files  /etc/fail2ban/action.d/mail-buffered.conf  and 
/etc/fail2ban/action.d/sendmail-buffered.conf
use file in the writable-for-all directory for appending text, i.e.

printf %%b "`date`: <ip> (<failures> failures)\n" >> <tmpfile>

where  tmpfile = /tmp/fail2ban-mail.txt

Instead of that tmpfile definition, a unique filename should be used, 
e.g. by means of mktemp(1), like:

tmpfile=`mktemp /tmp/f2ban-mail.txt.XXXXXXXXXX`

which will safely create a file named like  
/tmp/f2ban-mail.txt.SsUtdRJQAg

Currently, tmpfile is defined just once - at the start of the script, 
if I understand the section [Init] correctly. As at the end of each 
execution of actionban the tmpfile is removed, simply replacing the tmpfile 
definition with mktemp(1) in the [Init] section won't do, because then the 
filename is known and the attacker can create it.
So probably, mktemp(1) should be used in the very definition of 
actionban, but as I don't know Python, I'm not trying to prepare the 
patch myself, sorry :-).

-- System Information:
Debian Release: 5.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=pl_PL.iso-8859-2 (charmap=ISO-8859-2)
Shell: /bin/sh linked to /bin/bash

Versions of packages fail2ban depends on:
ii  lsb-base                      3.2-20     Linux Standard Base 3.2 init scrip
ii  python                        2.5.2-3    An interactive high-level object-o
ii  python-central                0.6.8      register and build utility for Pyt

Versions of packages fail2ban recommends:
ii  iptables                      1.4.2-6    administration tools for packet fi
ii  whois                         4.7.30     an intelligent whois client

Versions of packages fail2ban suggests:
ii  bsd-mailx [mailx]  8.1.2-0.20071201cvs-3 A simple mail user agent
ii  mailx              1:20071201-3          Transitional package for mailx ren
pn  python-gamin       <none>                (no description available)

-- no debconf information




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#544232; Package fail2ban. (Sat, 29 Aug 2009 23:00:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yaroslav Halchenko <debian@onerussian.com>:
Extra info received and forwarded to list. (Sat, 29 Aug 2009 23:00:04 GMT) Full text and rfc822 format available.

Message #10 received at 544232@bugs.debian.org (full text, mbox):

From: Yaroslav Halchenko <debian@onerussian.com>
To: Tomasz Papszun <tomek@lodz.tpsa.pl>, 544232@bugs.debian.org
Subject: Re: Bug#544232: fail2ban: Insecure creating/writing to tmpfile
Date: Sat, 29 Aug 2009 18:50:08 -0400
could you elaborate on what security implications (since you are talking
about attacks) this bug would result in? to me -- none (besides
'misinformation'), since that file is used to accumulate the body of the email
which is to be sent upon actionstop.

if I am right, and there are no security implications, then I would like
to reduce severity to normal at most

On Sat, 29 Aug 2009, Tomasz Papszun wrote:

> Package: fail2ban
> Version: 0.8.3-2sid1
> Severity: important

> The files  /etc/fail2ban/action.d/mail-buffered.conf  and 
> /etc/fail2ban/action.d/sendmail-buffered.conf
> use file in the writable-for-all directory for appending text, i.e.
-- 
                                  .-.
=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]






Information forwarded to debian-bugs-dist@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>:
Bug#544232; Package fail2ban. (Sun, 30 Aug 2009 00:09:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Tomasz Papszun <tomek@lodz.tpsa.pl>:
Extra info received and forwarded to list. Copy sent to Yaroslav Halchenko <debian@onerussian.com>. (Sun, 30 Aug 2009 00:09:06 GMT) Full text and rfc822 format available.

Message #15 received at 544232@bugs.debian.org (full text, mbox):

From: Tomasz Papszun <tomek@lodz.tpsa.pl>
To: Yaroslav Halchenko <debian@onerussian.com>
Cc: 544232@bugs.debian.org
Subject: Re: Bug#544232: fail2ban: Insecure creating/writing to tmpfile
Date: Sun, 30 Aug 2009 01:58:02 +0200
On Sat, 29 Aug 2009 at 18:50:08 -0400, Yaroslav Halchenko wrote:
> could you elaborate on what security implications (since you are talking
> about attacks) this bug would result in? to me -- none (besides
> 'misinformation'), since that file is used to accumulate the body of the email
> which is to be sent upon actionstop.

You're welcome!
As the filename is predictable, and the directory is writable for 
everybody, an attacker can create a symlink leading to any file, also to
files writable only for root. Then fail2ban (which runs as root) will 
damage the target file while writing to the tmpfile. Well, at least the 
most spectacular ;-( target (/etc/shadow) won't be overwritten, because, 
AFAICS, the script appends (>>), not overwrites (>). But some 
important file (e.g. a binary) can be damaged by appending some data to 
it.

HTH

> if I am right, and there is no security implications, then I would like
> to reduce severity to normal at most
> 
>                                   .-.
> =------------------------------   /v\  ----------------------------=
> Keep in touch                    // \\     (yoh@|www.)onerussian.com
> Yaroslav Halchenko              /(   )\               ICQ#: 60653192
>                    Linux User    ^^-^^    [175555]
> 

-- 
 Tomasz Papszun                                     | And it's only
 tomek at lodz.tpsa.pl http://www.lodz.tpsa.pl/iso/ | ones and zeros.
 tomek at clamav.net   http://www.ClamAV.net/   A GPL virus scanner




Reply sent to Yaroslav Halchenko <debian@onerussian.com>:
You have marked Bug as forwarded. (Sun, 30 Aug 2009 06:09:16 GMT) Full text and rfc822 format available.

Message #18 received at 544232-forwarded@bugs.debian.org (full text, mbox):

From: Yaroslav Halchenko <debian@onerussian.com>
To: Cyril Jaquier <cyril.jaquier@fail2ban.org>
Cc: Tomasz Papszun <tomek@lodz.tpsa.pl>, 544232-forwarded@bugs.debian.org
Subject: Re: Bug#544232: fail2ban: Insecure creating/writing to tmpfile
Date: Sun, 30 Aug 2009 02:04:03 -0400

On Sun, 30 Aug 2009, Tomasz Papszun wrote:
> everybody, an attacker can create a symlink leading to any file, also to
> files writable only for root. Then fail2ban (which runs as root) will 
ah, right -- I was silly... forwarding upstream for now

Cyril, could you please have a look at http://bugs.debian.org/544232

quite a few actions are prone to such a problem
$> git grep  -l tmpfile
action.d/dshield.conf
action.d/mail-buffered.conf
action.d/mynetwatchman.conf
action.d/sendmail-buffered.conf

none of these actions is enabled by default in any jail afaik but still
-- it would be better to work it out in a sane fashion

-- 
                                  .-.
=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]



Information forwarded to debian-bugs-dist@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>:
Bug#544232; Package fail2ban. (Sun, 31 Oct 2010 21:24:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Zbyszek Jędrzejewski-Szmek <zbyszek@in.waw.pl>:
Extra info received and forwarded to list. Copy sent to Yaroslav Halchenko <debian@onerussian.com>. (Sun, 31 Oct 2010 21:24:03 GMT) Full text and rfc822 format available.

Message #23 received at 544232@bugs.debian.org (full text, mbox):

From: Zbyszek Jędrzejewski-Szmek <zbyszek@in.waw.pl>
To: 544232@bugs.debian.org
Subject: tentative [PATCH] issue5178: use a temporary directory or file created with mktemp
Date: Sun, 31 Oct 2010 22:11:10 +0100
Using a directory is fine, as long as it is used only once: because
mktemp verifies that the directory didn't exist before creating
it, the same temporary directory name cannot be safely used after
removing it. But actionstop, which removes the temporary directory,
should be run only once, when closing fail2ban. If the configuration is
reloaded, a new temporary directory will be created, which is good.

Patch untested :(
---
 config/action.d/dshield.conf           |    5 +++--
 config/action.d/mail-buffered.conf     |    4 +++-
 config/action.d/mynetwatchman.conf     |    9 ++-------
 config/action.d/sendmail-buffered.conf |    5 +++--
 4 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/config/action.d/dshield.conf b/config/action.d/dshield.conf
index b80698b..8dba15f 100644
--- a/config/action.d/dshield.conf
+++ b/config/action.d/dshield.conf
@@ -44,6 +44,7 @@ actionstop = if [ -f <tmpfile>.buffer ]; then
                  date +%%s > <tmpfile>.lastsent
              fi
              rm -f <tmpfile>.buffer <tmpfile>.first
+             rmdir <tmpdir>
 
 # Option:  actioncheck
 # Notes.:  command executed once before each actionban command
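Review bot: the added "rmdir <tmpdir>" will fail with "Directory not empty" whenever a report has been sent, because the "date +%%s > <tmpfile>.lastsent" line inside the if block writes that file into the same directory and the "rm -f <tmpfile>.buffer <tmpfile>.first" line above only removes the other two. Either add <tmpfile>.lastsent to the rm -f list, or keep the directory and document that .lastsent is meant to survive a stop.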
@@ -206,5 +207,5 @@ dest = reports@dshield.org
 # Notes.:  Base name of temporary files used for buffering
 # Values:  [ STRING ]  Default: /tmp/fail2ban-dshield
 #
-tmpfile = /tmp/fail2ban-dshield
-
+tmpdir = `mktemp --directory --suffix=-f2ban-dshield`
+tmpfile = <tmpdir>/dshield
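Review bot: the tmpdir value is never executed at initialisation; the config parser substitutes option strings textually, so every <tmpfile> in the commands expands to `mktemp --directory --suffix=-f2ban-dshield`/dshield and each command gets a fresh, empty directory (the maintainer raises the same objection later in this thread). The "# Notes.:" and "# Values:" lines above also still document the old /tmp/fail2ban-dshield default. If a directory is kept, create it once in actionstart under a root-owned path and update the comment.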
diff --git a/config/action.d/mail-buffered.conf b/config/action.d/mail-buffered.conf
index 8a33d0e..00b734f 100644
--- a/config/action.d/mail-buffered.conf
+++ b/config/action.d/mail-buffered.conf
@@ -29,6 +29,7 @@ actionstop = if [ -f <tmpfile> ]; then
                  Fail2Ban"|mail -s "[Fail2Ban] <name>: Summary" <dest>
                  rm <tmpfile>
              fi
+             rmdir <tmpdir>
              printf %%b "Hi,\n
              The jail <name> has been stopped.\n
              Regards,\n
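Review bot: "rmdir <tmpdir>" sits outside the "if [ -f <tmpfile> ] ... fi" block and runs unconditionally, and nothing in this hunk creates the directory; with tmpdir defined as a backtick mktemp string in the other hunk of this file, "rm <tmpfile>" and "rmdir <tmpdir>" would operate on newly created directories rather than on the one actionban appended to. Create the directory once in actionstart and move the rmdir inside the if block so the cleanup is only attempted on a buffer that exists.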
@@ -81,7 +82,8 @@ lines = 5
 
 # Default temporary file
 #
-tmpfile = /tmp/fail2ban-mail.txt
+tmpdir = `mktemp --directory --suffix=-f2ban-mail`
+tmpfile = <tmpdir>/buffer.txt
 
 # Destination/Addressee of the mail
 #
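Review bot: --suffix is a GNU coreutils extension to mktemp(1); the portable form is a template argument such as "mktemp -d /tmp/f2ban-mail.XXXXXXXXXX", which is also what the original report suggests. The "# Default temporary file" comment now introduces a directory plus a file and should say so, and since the value is substituted into commands rather than run once, the directory has to be created elsewhere (actionstart) for the rest of the action to see a single path.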
diff --git a/config/action.d/mynetwatchman.conf b/config/action.d/mynetwatchman.conf
index 15b91b1..9a1600f 100644
--- a/config/action.d/mynetwatchman.conf
+++ b/config/action.d/mynetwatchman.conf
@@ -66,7 +66,8 @@ actionban = MNWLOGIN=`perl -e '$s=shift;$s=~s/([\W])/"%%".uc(sprintf("%%2.2x",or
 	    PROTOCOL=`awk '{IGNORECASE=1;if($1=="<protocol>"){print $2;exit}}' /etc/protocols`
 	    if [ -z "$PROTOCOL" ]; then PROTOCOL=<protocol>; fi
 	    DATETIME=`perl -e '@t=gmtime(<time>);printf "%%4d-%%02d-%%02d+%%02d:%%02d:%%02d",1900+$t[5],$t[4]+1,$t[3],$t[2],$t[1],$t[0]'`
-            <getcmd> "<mnwurl>?AT=2&AV=0&AgentEmail=$MNWLOGIN&AgentPassword=$MNWPASS&AttackerIP=<ip>&SrcPort=<srcport>&ProtocolID=$PROTOCOL&DestPort=<port>&AttackCount=<failures>&VictimIP=<myip>&AttackDateTime=$DATETIME" 2>&1 >> <tmpfile>.out && grep -q 'Attack Report Insert Successful' <tmpfile>.out && rm -f <tmpfile>.out
+            TMPFILE=`mktemp --suffix -f2ban-mynetwatchman.out`
+            <getcmd> "<mnwurl>?AT=2&AV=0&AgentEmail=$MNWLOGIN&AgentPassword=$MNWPASS&AttackerIP=<ip>&SrcPort=<srcport>&ProtocolID=$PROTOCOL&DestPort=<port>&AttackCount=<failures>&VictimIP=<myip>&AttackDateTime=$DATETIME" 2>&1 >> "$TMPFILE" && grep -q 'Attack Report Insert Successful' "$TMPFILE" && rm -f "$TMPFILE"
 
 # Option:  actionunban
 # Notes.:  command executed when unbanning an IP. Take care that the
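Review bot: this is the one change that behaves as intended, since the mktemp runs inside the actionban shell command, but its result is unchecked: if mktemp fails, $TMPFILE is empty and the '>> ""' redirection aborts with a confusing error. Write the assignment as TMPFILE=`mktemp --suffix -f2ban-mynetwatchman.out` || exit 1, and note that on a failed report the file is now left under /tmp with a random name, whereas the old <tmpfile>.out gave the admin a known place to look.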
@@ -136,9 +137,3 @@ srcport = 0
 # Values:  STRING  Default: http://mynetwatchman.com/insertwebreport.asp
 #
 mnwurl = http://mynetwatchman.com/insertwebreport.asp
-
-# Option:  tmpfile
-# Notes.:  Base name of temporary files
-# Values:  [ STRING ]  Default: /tmp/fail2ban-mynetwatchman
-#
-tmpfile = /tmp/fail2ban-mynetwatchman
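Review bot: dropping the tmpfile option is consistent with the actionban change above, but this documentation block was the only place that told an admin where failed report output accumulates. With the file now created by mktemp under $TMPDIR (by default /tmp) and removed only when grep succeeds, either add a comment in actionban saying where to find it, or remove the file unconditionally after the grep so stale .out files do not pile up.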
diff --git a/config/action.d/sendmail-buffered.conf b/config/action.d/sendmail-buffered.conf
index de8166a..3a4e950 100644
--- a/config/action.d/sendmail-buffered.conf
+++ b/config/action.d/sendmail-buffered.conf
@@ -35,6 +35,7 @@ actionstop = if [ -f <tmpfile> ]; then
                  Fail2Ban" | /usr/sbin/sendmail -f <sender> <dest>
                  rm <tmpfile>
              fi
+             rmdir <tmpdir>
              printf %%b "Subject: [Fail2Ban] <name>: stopped
              From: Fail2Ban <<sender>>
              To: <dest>\n
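Review bot: as in mail-buffered.conf, "rmdir <tmpdir>" is unconditional and nothing creates the directory before actionban appends to <tmpfile>; with tmpdir defined as a backtick mktemp string below, the rm and rmdir act on freshly created directories, not on the buffer. Create the directory in actionstart and keep the rmdir inside the if block.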
@@ -101,5 +102,5 @@ lines = 5
 
 # Default temporary file
 #
-tmpfile = /tmp/fail2ban-mail.txt
-
+tmpdir = `mktemp --directory --suffix=-f2ban-mail`
+tmpfile = <tmpdir>/buffer.txt
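Review bot: same value problem as in mail-buffered.conf: the mktemp string is substituted, not executed, so each command expands to a different directory, the --suffix flag is GNU-only, and the "# Default temporary file" comment is now misleading. If the directory approach stays, use a root-owned location (the /var/run/fail2ban idea raised later in this thread), create it once in actionstart, and avoid duplicating the same definition in both buffered mail actions.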
-- 
1.6.4.124.g27bb1





Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#544232; Package fail2ban. (Mon, 01 Nov 2010 00:33:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yaroslav Halchenko <debian@onerussian.com>:
Extra info received and forwarded to list. (Mon, 01 Nov 2010 00:33:03 GMT) Full text and rfc822 format available.

Message #28 received at 544232@bugs.debian.org (full text, mbox):

From: Yaroslav Halchenko <debian@onerussian.com>
To: Zbyszek Jędrzejewski-Szmek <zbyszek@in.waw.pl>, 544232@bugs.debian.org
Subject: Re: Bug#544232: tentative [PATCH] issue5178: use a temporary directory or file created with mktemp
Date: Sun, 31 Oct 2010 20:30:23 -0400
Hi Zbyszek,

thanks for looking into it ...

action.d/mynetwatchman.conf  changes -- should be ok
action.d/mail-buffered.conf -- I don't think it would work...

> +tmpdir = `mktemp --directory --suffix=-f2ban-dshield`
> +tmpfile = <tmpdir>/dshield

since this is just a Python config file, it would simply substitute
`mktemp --directory --suffix=-f2ban-dshield`/dshield
for every occurrence of <tmpfile>, which would not be what is desired...
am I correct?


as a generic and simple resolution, I think, tmpfiles should simply be
created under /var/run/fail2ban which belongs to root.  I think there
was some discussion in some other bugreport... or it is deja vu

agreed?

-- 
                                  .-.
=------------------------------   /v\  ----------------------------=
Keep in touch                    // \\     (yoh@|www.)onerussian.com
Yaroslav Halchenko              /(   )\               ICQ#: 60653192
                   Linux User    ^^-^^    [175555]
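The hardened shape of the buffer handling argued for in messages #15 and #28, as an added example in POSIX sh that is not fail2ban's own code: the buffer lives in a per-start directory created atomically with mktemp -d under a root-owned state directory (assumed here to be /var/run/fail2ban, overridable through a hypothetical F2B_STATEDIR variable so it can be exercised in a scratch directory), and appends refuse anything that is not a regular file.

```shell
#!/bin/sh
# Added example, not fail2ban's own code: a hardened version of the
# buffered-append pattern from mail-buffered.conf / sendmail-buffered.conf.
# Assumes a root-owned, non-world-writable state directory; the default
# /var/run/fail2ban can be overridden with the hypothetical F2B_STATEDIR
# variable so the functions can be exercised in a scratch directory.

# actionstart: create the per-jail buffer directory once.  mktemp -d creates
# it atomically with mode 0700, so no pre-existing entry (a symlink planted
# under a predictable name, the case from the bug report) can be reused.
# Prints the directory path on success, returns 1 on failure.
f2b_init_buffer() {
    statedir=${F2B_STATEDIR:-/var/run/fail2ban}
    [ -d "$statedir" ] || return 1
    # A world-writable state directory would recreate the /tmp problem, so
    # refuse it (find -perm -0002 matches when the other-write bit is set).
    if [ -n "$(find "$statedir" -maxdepth 0 -perm -0002)" ]; then
        echo "refusing world-writable state directory $statedir" >&2
        return 1
    fi
    mktemp -d "$statedir/buffer.XXXXXXXXXX"
}

# actionban: append one line, as the printf ... >> <tmpfile> in the action
# does, but only to a regular file inside our private directory.  Because the
# directory is mode 0700 and owned by the daemon, nobody else can swap the
# file between this check and the append.
f2b_append() {
    file="$1/buffer.txt"
    if [ -L "$file" ] || { [ -e "$file" ] && [ ! -f "$file" ]; }; then
        echo "refusing to append: $file is not a regular file" >&2
        return 1
    fi
    printf '%s\n' "$2" >> "$file"
}

# actionstop: emit the buffered summary (here to stdout instead of mail),
# then remove the file and the directory, both of which we created.
f2b_flush() {
    if [ -f "$1/buffer.txt" ]; then
        cat "$1/buffer.txt"
        rm -f "$1/buffer.txt"
    fi
    rmdir "$1"
}
```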






Information forwarded to debian-bugs-dist@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>:
Bug#544232; Package fail2ban. (Mon, 01 Nov 2010 08:06:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Zbyszek Szmek <zbyszek@in.waw.pl>:
Extra info received and forwarded to list. Copy sent to Yaroslav Halchenko <debian@onerussian.com>. (Mon, 01 Nov 2010 08:06:03 GMT) Full text and rfc822 format available.

Message #33 received at 544232@bugs.debian.org (full text, mbox):

From: Zbyszek Szmek <zbyszek@in.waw.pl>
To: Yaroslav Halchenko <debian@onerussian.com>
Cc: 544232@bugs.debian.org
Subject: Re: Bug#544232: tentative [PATCH] issue5178: use a temporary directory or file created with mktemp
Date: Mon, 1 Nov 2010 09:03:16 +0100
On Sun, Oct 31, 2010 at 08:30:23PM -0400, Yaroslav Halchenko wrote:
Hi Yaroslav,

> Hi Zbyszek,
> 
> thanks for looking into it ...
Thanks for the quick reply :)

> action.d/mynetwatchman.conf  changes -- should be ok
This part is still valid...

> action.d/mail-buffered.conf -- I don't think it would work...
...but the other three won't work indeed. (I had some strange
notion that the mktemp would get executed at tmpdir variable initialization,
but it just gets substituted into the final command like you said.)

> 
> > +tmpdir = `mktemp --directory --suffix=-f2ban-dshield`
> > +tmpfile = <tmpdir>/dshield
> 
> since this is just a Python config file, it would simply substitute
> `mktemp --directory --suffix=-f2ban-dshield`/dshield
> for every occurrence of <tmpfile> which would be not what is desired...
> am I correct?
> 
> 
> as a generic and simple resolution, I think, tmpfiles should simply be
> created under /var/run/fail2ban which belongs to root.  I think there
> was some discussion in some other bugreport... or it is deja vu
Yes, this is a much better solution! Is the /var/run/fail2ban/
directory exported as a variable so it can be used in action rules
without hardcoding the path?

> agreed?
Yeah, sorry for posting a complete untested patch ;(




Reply sent to Yaroslav Halchenko <debian@onerussian.com>:
You have taken responsibility. (Thu, 24 Mar 2011 06:57:05 GMT) Full text and rfc822 format available.

Notification sent to Tomasz Papszun <tomek@lodz.tpsa.pl>:
Bug acknowledged by developer. (Thu, 24 Mar 2011 06:57:06 GMT) Full text and rfc822 format available.

Message #38 received at 544232-close@bugs.debian.org (full text, mbox):

From: Yaroslav Halchenko <debian@onerussian.com>
To: 544232-close@bugs.debian.org
Subject: Bug#544232: fixed in fail2ban 0.8.4+svn20110323-1
Date: Thu, 24 Mar 2011 06:55:54 +0000
Source: fail2ban
Source-Version: 0.8.4+svn20110323-1

We believe that the bug you reported is fixed in the latest version of
fail2ban, which is due to be installed in the Debian FTP archive:

fail2ban_0.8.4+svn20110323-1.diff.gz
  to main/f/fail2ban/fail2ban_0.8.4+svn20110323-1.diff.gz
fail2ban_0.8.4+svn20110323-1.dsc
  to main/f/fail2ban/fail2ban_0.8.4+svn20110323-1.dsc
fail2ban_0.8.4+svn20110323-1_all.deb
  to main/f/fail2ban/fail2ban_0.8.4+svn20110323-1_all.deb
fail2ban_0.8.4+svn20110323.orig.tar.gz
  to main/f/fail2ban/fail2ban_0.8.4+svn20110323.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 544232@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yaroslav Halchenko <debian@onerussian.com> (supplier of updated fail2ban package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.8
Date: Wed, 23 Mar 2011 17:04:56 -0400
Source: fail2ban
Binary: fail2ban
Architecture: source all
Version: 0.8.4+svn20110323-1
Distribution: unstable
Urgency: low
Maintainer: Yaroslav Halchenko <debian@onerussian.com>
Changed-By: Yaroslav Halchenko <debian@onerussian.com>
Description: 
 fail2ban   - ban hosts that cause multiple authentication errors
Closes: 515599 544232 546913 573314 574182 588176 598200 598206 615952
Changes: 
 fail2ban (0.8.4+svn20110323-1) unstable; urgency=low
 .
   * Fresh upstream snapshot which absorbed some of the patches from Debian
     and
     - [c6d64e9] debug entry for lines ignored due to falling below
       findtime (v2)
     - [fc20f12] Tai64N stores time in GMT, we need to convert to
       local time before returning
     - [b0331bb] default ignoreip to ignore entire loopback zone (/8)
       (Closes: #598200)
     - [b9f15f6] ENH: dovecot filter
     - [69165b1] ENH: add <chain> to action.d/iptables*. Thanks
       Matthijs Kooijman
     - [8330a20] ENH: make filter.d/apache-overflows.conf catch more
       (Closes: #574182)
     - [66cc6cb] BF: allow space in the trailing of failregex for sasl.conf
       (Closes: #573314)
     - [2714019] ENH: dropbear filter (Closes: #546913)
     - [ea7d352] BF: Use /var/run/fail2ban instead of /tmp for temp files in
       actions (Closes: #544232)
   * debian/jail.conf:
     - [bc8e22d] spellcheck (Closes: #598206). Thanks Christoph Anton Mitterer
     - [d7f3e23] adjusted description for sasl jail (Closes: #615952)
     - [92fb484] debian/jail.conf: closing " for protocol specification
     - [f828c31] debian/jail.conf: got 'chain' parameter to be specified for
       iptables actions (Closes: #515599)
   * debian/control:
     - [858af30] slight rewordings of the long description (Closes: #588176)
     - [167dfd4] Boosted policy compliance version to 3.9.1 (no changes seems
       to be due)
   * [4e1e845] debian/copyright: updated copyright years






Added tag(s) security. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Tue, 19 Apr 2011 18:33:04 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 18 May 2011 07:36:14 GMT) Full text and rfc822 format available.

Bug unarchived. Request was from Jonathan Wiltshire <jmw@debian.org> to control@bugs.debian.org. (Mon, 04 Jul 2011 20:36:03 GMT) Full text and rfc822 format available.

Bug Marked as found in versions fail2ban/0.8.4-3. Request was from Jonathan Wiltshire <jmw@debian.org> to control@bugs.debian.org. (Mon, 04 Jul 2011 20:36:05 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Yaroslav Halchenko <debian@onerussian.com>:
Bug#544232; Package fail2ban. (Mon, 04 Jul 2011 20:39:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Jonathan Wiltshire <jmw@debian.org>:
Extra info received and forwarded to list. Copy sent to Yaroslav Halchenko <debian@onerussian.com>. (Mon, 04 Jul 2011 20:39:03 GMT) Full text and rfc822 format available.

Message #51 received at 544232@bugs.debian.org (full text, mbox):

From: Jonathan Wiltshire <jmw@debian.org>
To: Yaroslav Halchenko <debian@onerussian.com>, 544232@bugs.debian.org
Subject: (PRSC) Bug#544232: fail2ban: Insecure creating/writing to tmpfile
Date: Mon, 4 Jul 2011 21:37:38 +0100
Dear maintainer,

Recently you fixed one or more security problems and as a result you closed
this bug. These problems were not serious enough for a Debian Security
Advisory, so they are now on my radar for fixing in the following suites
through point releases:

lenny (5.0.9)
squeeze (6.0.2)

Please prepare a minimal-changes upload targeting each of these suites,
and submit a debdiff to the Release Team [0] for consideration. They will
offer additional guidance or instruct you to upload your package.

I will happily assist you at any stage if the patch is straightforward and
you need help or lack time. Please keep me in CC at all times so I can
track the progress of this request.

For details of this process and the rationale, please see the original
announcement [1] and my blog post [2].

0: debian-release@lists.debian.org
1: <201101232332.11736.thijs@debian.org>
2: http://deb.li/prsc

Thanks,

with his security hat on:
-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 02 Aug 2011 07:32:57 GMT) Full text and rfc822 format available.

Bug unarchived. Request was from Jonathan Wiltshire <jmw@debian.org> to control@bugs.debian.org. (Mon, 22 Aug 2011 08:51:02 GMT) Full text and rfc822 format available.

Added tag(s) squeeze and lenny. Request was from Jonathan Wiltshire <jmw@debian.org> to control@bugs.debian.org. (Mon, 22 Aug 2011 08:51:03 GMT) Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 20 Sep 2011 07:40:50 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 20:12:42 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.