Advisories ยป MGASA-2014-0176

Updated fail2ban packages fix security issues

Publication date: 16 Apr 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2013-7176 , CVE-2013-7177

Description

An update to fail2ban 0.8.13 has been released to fix security issues, 
amongst other bugfixes. 

fail2ban versions prior to 0.8.11 would allow a remote unauthenticated 
attacker to cause arbitrary IP addresses to be blocked by Fail2ban causing 
legitimate users to be blocked from accessing services protected by 
Fail2ban. These services are cyrus-imap (CVE-2013-7177) and postfix 
(CVE-2013-7176).
                

References

SRPMS

4/core

3/core