I have nowhere to announce this I thought it should at least be mentioned. A minor vulnerability was found in denyhosts: when running in daemon mode (the default for the Extras package) hosts which time out of the blocked list (due to the PURGE_DENY setting) and then generate additional failed login attempts will not be re-added to the blocked list. This is fixed in version 2.3, which I built and pushed last night and seems to have made it out to all of the mirrors. - J<
