-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2021-0ab8f6a19a 2021-10-19 00:36:08.674333 --------------------------------------------------------------------------------
Name : fail2ban Product : Fedora 34 Version : 0.11.2 Release : 9.fc34 URL : http://fail2ban.sourceforge.net/ Summary : Daemon to ban hosts that cause multiple authentication errors Description : Fail2Ban scans log files and bans IP addresses that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones.
Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.
This is a meta-package that will install the default configuration. Other sub-packages are available to install support for other actions and configurations.
-------------------------------------------------------------------------------- Update Information:
Address CVE CVE-2021-32749. -------------------------------------------------------------------------------- ChangeLog:
* Sun Sep 26 2021 Mikel Olasagasti Uranga mikel@olasagasti.info - 0.11.2-9 - Fix CVE-2021-32749 RHBZ#1983223 * Wed Jul 21 2021 Fedora Release Engineering releng@fedoraproject.org - 0.11.2-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Mon Jun 7 2021 Python Maint python-maint@redhat.com - 0.11.2-7 - Rebuilt for Python 3.10 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1983223 - CVE-2021-32749 fail2ban: Command injection via mail comand [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1983223 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-0ab8f6a19a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------