12289 – guardian does not any longer react on wrong HTTP logins

Bug 12289 - guardian does not any longer react on wrong HTTP logins

Summary: guardian does not any longer react on wrong HTTP logins

Status:	CLOSED FIXED

Alias:	None

Product:	IPFire
Classification:	Unclassified
Component:	--- (show other bugs)
Version:	2
Hardware:	unspecified Unspecified

Importance:	- Unknown - Security
Assignee:	Stefan Schantl
QA Contact:

URL:
Keywords:	Security

Depends on:
Blocks:

Reported:	2020-02-03 18:55 UTC by Stefan Schantl
Modified:	2020-03-23 18:50 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Schantl 2020-02-03 18:55:32 UTC

https://community.ipfire.org/t/guardian-doesnt-drop-anything/

Comment 1 Stefan Schantl 2020-02-04 09:57:30 UTC

Fix has been added to the main guardian repository (upstream):

https://git.ipfire.org/?p=people/stevee/guardian.git;a=commit;h=5028c7fde1fa15e4960f2fec3c025d0338382895

A patch for adding this fix to the provided IPFire 2.x package has been send to the development mainling list:

https://patchwork.ipfire.org/patch/2750/

Comment 2 Peter Müller 2020-02-16 19:43:25 UTC

https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=56f4f279a5a5bfb2d919f2e603c8551f422e932f

Comment 3 Peter Müller 2020-03-07 09:30:46 UTC

https://blog.ipfire.org/post/ipfire-2-25-core-update-142-is-available-for-testing