New major upstream versions of sshguard (1.1, 1,2, 1.3 and 1.4) were released on 2008-08 - 2008-12, please update debs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sshguard (Debian) |
Fix Released
|
Unknown
|
|||
sshguard (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: sshguard
Please upgrade sshguard package to version 1.3 or 1.4. Version 1.3 contains significant bugfixes and lots of new features from the currently packaged version in Ubuntu (1.0) including support for protects from brute force attacks against new services, like:
- dovecot imapd
- UWimap imapd and pop
- FreeBSD's ftpd
- Proftpd
- pure-ftpd
- Cyrus imapd
whereas the current version only supports sshd.
Cumulative changelog from 1.0 through all the 1.1beta*, 1.1rc*, 1.2 and 1.3:
- support suspension
- support debug mode at runtime (-d) for helping users in problem solving
- support for metalog logging format
- fix parser bug when recognizing certain IPv6 addresses
- fix segfault when the pipe to sshguard is closed unexpectedly
- support for ipfilter as blocking backend (thanks Hellmuth Michaelis for feedback)
- support for log messages authentication
- support for AIX genfilt firewall (thanks Gabor Szittner)
- fix "hosts" backend bug not discarding temporary files
- add monitoring support for new services:
@ dovecot imapd
@ UWimap imapd and pop
@ FreeBSD's ftpd
@ Proftpd
@ pure-ftpd
@ Cyrus imapd
- support for SSH "possible break-in attempt" messages;
- updated support for dovecot to include logging format of new versions;
- fix of IPF backend causing sshguard not to update /etc/ipf.rules (disallow IPv6);
- fix detection of password when sshd doesn't log anything more than PAM;
- automatically detect when ipfw supports IPv6 (thanks David Horn);
- be sensitive to proftpd messages to auth facility, not daemon (thanks Andy Berkvam);
- add sshd pattern for "Bad protocol" and "Did not receive identif string".
Changed in sshguard: | |
status: | Unknown → Fix Released |
Version 1.3 is now part of Karmic. As 1.4 is still a RC release, we should wait to upgrade the package.