Mandriva Linux Security Advisory 2013-078 - fail2ban before 0.8.8 didn't escape the content of <matches> (if used in custom action files), which could cause issues on the system running fail2ban as it scans log files, depending on what content is matched, since that content could contain arbitrary symbols.
02f0ceebdef9f69b3240d65ae187a46acf7a7e763e43fddb26a82309d5e67241