I have nowhere to announce this I thought it should at least be
mentioned. A minor vulnerability was found in denyhosts: when running
in daemon mode (the default for the Extras package) hosts which time
out of the blocked list (due to the PURGE_DENY setting) and then
generate additional failed login attempts will not be re-added to the
blocked list.
This is fixed in version 2.3, which I built and pushed last night and
seems to have made it out to all of the mirrors.
- J<
Show replies by date