[denyhosts] Add new patch file.
Jason ティビツ
tibbs at fedoraproject.org
Wed Jan 15 20:06:46 UTC 2014
commit 9194934d457723aaa17d629e9c84d6cf6350e3c7
Author: Jason Tibbitts <tibbs at math.uh.edu>
Date: Wed Jan 15 14:06:47 2014 -0600
Add new patch file.
denyhosts-2.6-CVE-2013-6890.patch | 44 +++++++++++++++++++++++++++++++++++++
1 files changed, 44 insertions(+), 0 deletions(-)
---
diff --git a/denyhosts-2.6-CVE-2013-6890.patch b/denyhosts-2.6-CVE-2013-6890.patch
new file mode 100644
index 0000000..af0e2cb
--- /dev/null
+++ b/denyhosts-2.6-CVE-2013-6890.patch
@@ -0,0 +1,44 @@
+diff -up DenyHosts-2.6/DenyHosts/regex.py.CVE-2013-6890 DenyHosts-2.6/DenyHosts/regex.py
+--- DenyHosts-2.6/DenyHosts/regex.py.CVE-2013-6890 2014-01-06 16:39:32.505865176 -0600
++++ DenyHosts-2.6/DenyHosts/regex.py 2014-01-06 22:05:52.675094771 -0600
+@@ -6,23 +6,22 @@ import re
+
+ #DATE_FORMAT_REGEX = re.compile(r"""(?P<month>[A-z]{3,3})\s*(?P<day>\d+)""")
+
+-SSHD_FORMAT_REGEX = re.compile(r""".* (sshd.*:|\[sshd\]) (?P<message>.*)""")
++SSHD_FORMAT_REGEX = re.compile(r""".*? (sshd.*?:|\[sshd\]) (?P<message>.*)""")
+ #SSHD_FORMAT_REGEX = re.compile(r""".* sshd.*: (?P<message>.*)""")
+
+-FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>.*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX = re.compile(r"""Failed (?P<method>\S*) for (?P<invalid>invalid user |illegal user )?(?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+-FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*?) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX2 = re.compile(r"""(?P<invalid>(Illegal|Invalid)) user (?P<user>.*) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+-FAILED_ENTRY_REGEX3 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++FAILED_ENTRY_REGEX3 = None
+
+-FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""")
++FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) from (::ffff:)?(?P<host>\S+)$""")
+
+-FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups$""")
++FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because none of user's groups are listed in AllowGroups$""")
+
+-FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
+-
+-FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}) not allowed because not listed in AllowUsers""")
++FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
++FAILED_ENTRY_REGEX7 = re.compile(r"""User (?P<user>.*) from (::ffff:)?(?P<host>\S+) not allowed because not listed in AllowUsers$""")
+
+ # these are reserved for future versions
+ FAILED_ENTRY_REGEX8 = None
+@@ -42,7 +41,7 @@ for i in FAILED_ENTRY_REGEX_RANGE:
+ FAILED_ENTRY_REGEX_MAP[i] = rx
+
+
+-SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>.*) for (?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
++SUCCESSFUL_ENTRY_REGEX = re.compile(r"""Accepted (?P<method>\S+) for (?P<user>.*?) from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})$""")
+
+ TIME_SPEC_REGEX = re.compile(r"""(?P<units>\d*)\s*(?P<period>[smhdwy])?""")
+
More information about the scm-commits
mailing list