blocks wrong IPv4 and IPv6 addresses on LE systems (reversed byte order)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
crowdsec-firewall-bouncer (Ubuntu) | New | Undecided | Unassigned | | |
Bug Description
Hi,
The crowdsec-
Upstream bug reports, about Ubuntu:
- https:/
- https:/
Debian bug reports:
- https:/
- https:/
That's been fixed in Debian testing/unstable:
- golang-
- crowdsec-
and that's also getting fixed in stable (bookworm) via a trivial backport of those packages, now in bookworm-
- golang-
- crowdsec-
I'm not familiar with Ubuntu's way of sync-ing from Debian, that's why I thought it would be best to file a bug there directly (against the leaf package), as opposed to contacting the maintainers documented at https:/
Just to be crystal-clear: the fix is in the golang-
I'm also ticking the security vulnerability box, for the same reason I put the Debian Security team in the loop for the Debian bug reports: I'd rather have more eyes than fewer eyes on that kind of topic: the bouncer is currently giving a false sense of security as it doesn't actually block suspicious addresses, and also blocks other ones.
Cheers,
Cyril.
Thank you for taking the time to report this Cyril.
Do you know if Google intends to assign a CVE?