CVE-2009-0362 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0362): filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote attackers to cause a denial of service (forced authentication failures) via a crafted reverse-resolved DNS name (rhost) entry that contains a substring that is interpreted as an IP address, a different vulnerability than CVE-2007-4321.
Fix: http://fail2ban.svn.sourceforge.net/viewvc/fail2ban?view=rev&revision=728
Arches, please test and mark stable: =net-analyzer/fail2ban-0.8.3-r1 Target keywords : "amd64 hppa x86"
For the record: +*fail2ban-0.8.3-r1 (23 Aug 2009) + + 23 Aug 2009; Alex Legler <a3li@gentoo.org> -fail2ban-0.8.1.ebuild, + -fail2ban-0.8.2.ebuild, -fail2ban-0.8.3.ebuild, +fail2ban-0.8.3-r1.ebuild, + +files/fail2ban-CVE-2009-0362.patch: + Non-maintainer commit: Revbump to fix security bug 258866. Removing + unneeded vulnerable versions.
Created attachment 202135 [details] fail2ban-CVE-2009-0362.patch-12013.out /var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/fail2ban-CVE-2009-0362.patch-12013.out
>>> Unpacking source... >>> Unpacking fail2ban-0.8.3.tar.bz2 to /var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/work * Applying fail2ban-CVE-2009-0362.patch ... * Failed Patch: fail2ban-CVE-2009-0362.patch ! * ( /usr/portage/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch ) * * Include in your bugreport the contents of: * * /var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/fail2ban-CVE-2009-0362.patch-12013.out * * ERROR: net-analyzer/fail2ban-0.8.3-r1 failed. * Call stack: * ebuild.sh, line 49: Called src_unpack * environment, line 2891: Called epatch '/usr/portage/net-analyzer/fail2ban/files/fail2ban-CVE-2009-0362.patch' * environment, line 1341: Called die * The specific snippet of code: * die "Failed Patch: ${patchname}!"; * The die message: * Failed Patch: fail2ban-CVE-2009-0362.patch! * * If you need support, post the topmost build error, and the call stack if relevant. * A complete build log is located at '/var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/environment'. * >>> Failed to emerge net-analyzer/fail2ban-0.8.3-r1, Log file: >>> '/var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/build.log'
Created attachment 202137 [details] environment /var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/environment
Created attachment 202138 [details] build.log /var/tmp/portage/net-analyzer/fail2ban-0.8.3-r1/temp/build.log
Created attachment 202140 [details] emerge --info emerge --info
emerge --sync && re-emerge fixed issue.
x86 stable
Stable for HPPA.
amd64 stable. Vulnerable version removed. GLSA voting: no.
No, too. Closing.
