Bug 700768 - fail2ban: Use of insecure default temporary file when unbanning an IP [epel-6]
Summary: fail2ban: Use of insecure default temporary file when unbanning an IP [epel-6]
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: fail2ban
Version: el6
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Adam Miller
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 718837 (view as bug list)
Depends On:
Blocks: CVE-2009-5023
TreeView+ depends on / blocked
 
Reported: 2011-04-29 10:56 UTC by Jan Lieskovsky
Modified: 2012-03-15 19:55 UTC (History)
2 users (show)

Fixed In Version: fail2ban-0.8.4-28.el6
Doc Type: Release Note
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-15 19:55:04 UTC


Attachments (Terms of Use)

Description Jan Lieskovsky 2011-04-29 10:56:44 UTC
epel-6 tracking bug for fail2ban: see blocks bug list for full details of the security issue(s).

This bug is never intended to be made public, please put any public notes
in the 'blocks' bugs.


[bug automatically created by: add-tracking-bugs]

Comment 1 Vincent Danen 2011-07-05 03:49:05 UTC
*** Bug 718837 has been marked as a duplicate of this bug. ***

Comment 2 Vincent Danen 2011-07-05 03:49:54 UTC
Is there a particular reason why these EPEL bugs haven't been dealt with yet?  The patch is in Fedora and for the same version, so it should be easy enough to get the fix committed.

Comment 3 Adam Miller 2011-07-05 15:01:05 UTC
Because I thought I had orphaned the package since I haven't used fail2ban in almost a year ... I'll make the fix but will likely be looking for a new maintainer for the EPEL branch of fail2ban in the not too distant future.

Comment 4 Vincent Danen 2011-07-05 23:27:50 UTC
Thanks for that, Adam.  I wasn't aware it was supposed to be orphaned (it does not currently seem to be, or if it is, bugzilla is not aware of that status).  I appreciate you taking the time to make the fix.  Thank you.

Comment 5 Fedora Update System 2012-02-11 08:22:15 UTC
fail2ban-0.8.4-28.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/fail2ban-0.8.4-28.el6

Comment 6 Fedora Update System 2012-02-11 18:55:34 UTC
Package fail2ban-0.8.4-28.el6:
* should fix your issue,
* was pushed to the Fedora EPEL 6 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=epel-testing fail2ban-0.8.4-28.el6'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-EPEL-2012-0423/fail2ban-0.8.4-28.el6
then log in and leave karma (feedback).

Comment 7 Fedora Update System 2012-03-15 19:55:04 UTC
fail2ban-0.8.4-28.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.