Mandriva Linux Security Advisory : fail2ban (MDVSA-2013:078)
High Nessus Plugin ID 66092
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated fail2ban package fixes security vulnerability :
fail2ban before 0.8.8 didn't escape the content of \<matches\> (if used in custom action files), which could cause issues on the system running fail2ban as it scans log files, depending on what content is matched, since that content could contain arbitrary symbols (CVE-2012-5642).
SolutionUpdate the affected fail2ban package.