{"id":"MGASA-2014-0176","summary":"Updated fail2ban packages fix security issues","details":"An update to fail2ban 0.8.13 has been released to fix security issues, \namongst other bugfixes. \n\nfail2ban versions prior to 0.8.11 would allow a remote unauthenticated \nattacker to cause arbitrary IP addresses to be blocked by Fail2ban causing \nlegitimate users to be blocked from accessing services protected by \nFail2ban. These services are cyrus-imap (CVE-2013-7177) and postfix \n(CVE-2013-7176).\n","modified":"2026-04-16T01:45:53.708661772Z","published":"2014-04-16T13:12:59Z","upstream":["CVE-2013-7176","CVE-2013-7177"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0176.html"},{"type":"WEB","url":"https://github.com/fail2ban/fail2ban/releases"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2014-03/msg00021.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11569"}],"affected":[{"package":{"name":"fail2ban","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/fail2ban?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.13-2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0176.json"}},{"package":{"name":"fail2ban","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/fail2ban?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.13-2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0176.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}