Description of problem: As detailed on th fail2ban website, the latest release (0.8) is susceptible to a log injection vulnerability. More discussion can be found here: http://www.ossec.net/en/attacking-loganalysis.html#fail2ban and a patch can be found here: http://www.ossec.net/en/attacking-loganalysis.html#patches
Actually, of course, that patch mentioned above wouldn't fix the extra regex line we patch in ourselves. I am posting a patch which does both - this should replace the previous regex patch.
Created attachment 157447 [details] Fix DOS vulnerability and AllowUsers issue in sshd.conf I am currently testing this locally at the moment.
Hm, actually that patch doesn't correctly fix the last regex entry. Need to think some more.
Created attachment 157459 [details] Fix regex patterns for sshd.conf to cope with AllowUsers and DOS attacks This is tested and works fine.
Thanks, new packages have been built and will either get into the repos directly (fc5, fc6, rawhide) or wait in updates-testing (f7).
fail2ban-0.8.0-9.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.