Mon Feb 11 14:25:59 2013 UTC ()
Pullup ticket #4061 - requested by taca
mail/roundcube: security update

Revisions pulled up:
- mail/roundcube/Makefile                                       1.50-1.51
- mail/roundcube/PLIST                                          1.26
- mail/roundcube/distinfo                                       1.28
- mail/roundcube/files/roundcube.conf                           1.5

---
   Module Name:	pkgsrc
   Committed By:	jym
   Date:		Tue Jan  8 23:27:55 UTC 2013

   Modified Files:
   	pkgsrc/mail/roundcube/files: roundcube.conf

   Log Message:
   roundcube defines its default configuration in .htaccess files and this
   will take precedence over any parameter specified in the <Directory>
   section.

   So remove the php blocks and add a comment to explain this.

---
   Module Name:	pkgsrc
   Committed By:	jym
   Date:		Thu Jan 10 00:15:55 UTC 2013

   Modified Files:
   	pkgsrc/mail/roundcube: Makefile

   Log Message:
   Bump revision, as noted by wiz@ and gdt@. Thanks!

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Feb  8 14:01:03 UTC 2013

   Modified Files:
   	pkgsrc/mail/roundcube: Makefile PLIST distinfo

   Log Message:
   Update roundcube to 0.8.5.

   CHANGELOG Roundcube Webmail
   ===========================

   - Fix #countcontrols issue in IE<=8 when text is very long (#1488890)
   - Fix unwanted horizontal scrollbar in message preview header (#1488866)
   - Add workaround for IE<=8 bug where Content-Disposition:inline was ignored
     (#1488844)
   - Fix XSS vulnerability in vbscript: and data:text links handling (#1488850)
   - Fix absolute positioning in HTML messages (#1488819)
   - Fix keybord events on messages list in opera browser (#1488823)
   - Fix cache (in)validation after setting \Deleted flag
   - Fix selection of collapsed thread rows (#1488772)
   - Fix wrapping of quoted text with format=flowed (#1488177)


(tron)
diff -r1.49 -r1.49.2.1 pkgsrc/mail/roundcube/Makefile
diff -r1.25 -r1.25.2.1 pkgsrc/mail/roundcube/PLIST
diff -r1.27 -r1.27.2.1 pkgsrc/mail/roundcube/distinfo
diff -r1.4 -r1.4.18.1 pkgsrc/mail/roundcube/files/roundcube.conf
cvs diff -r1.49 -r1.49.2.1 pkgsrc/mail/roundcube/Makefile (expand / switch to unified diff)

--- pkgsrc/mail/roundcube/Makefile 2012/12/05 15:38:01 1.49
+++ pkgsrc/mail/roundcube/Makefile 2013/02/11 14:25:59 1.49.2.1
@@ -1,16 +1,16 @@ @@ -1,16 +1,16 @@
1# $NetBSD: Makefile,v 1.49 2012/12/05 15:38:01 taca Exp $ 1# $NetBSD: Makefile,v 1.49.2.1 2013/02/11 14:25:59 tron Exp $
2 2
3DISTNAME= roundcubemail-0.8.4-dep 3DISTNAME= roundcubemail-0.8.5-dep
4PKGNAME= ${DISTNAME:S/mail-/-/:S/-dep//} 4PKGNAME= ${DISTNAME:S/mail-/-/:S/-dep//}
5CATEGORIES= mail 5CATEGORIES= mail
6MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=roundcubemail/} 6MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=roundcubemail/}
7 7
8MAINTAINER= taca@NetBSD.org 8MAINTAINER= taca@NetBSD.org
9HOMEPAGE= http://roundcube.net/ 9HOMEPAGE= http://roundcube.net/
10COMMENT= Browser-based multilingual IMAP client 10COMMENT= Browser-based multilingual IMAP client
11LICENSE= gnu-gpl-v3 11LICENSE= gnu-gpl-v3
12 12
13DEPENDS+= ${PHP_PKG_PREFIX}-pear-Net_SMTP>=1.4.2:../../net/pear-Net_SMTP 13DEPENDS+= ${PHP_PKG_PREFIX}-pear-Net_SMTP>=1.4.2:../../net/pear-Net_SMTP
14DEPENDS+= ${PHP_PKG_PREFIX}-pear-Mail_Mime>=1.8.1:../../mail/pear-Mail_Mime 14DEPENDS+= ${PHP_PKG_PREFIX}-pear-Mail_Mime>=1.8.1:../../mail/pear-Mail_Mime
15DEPENDS+= ${PHP_PKG_PREFIX}-pear-MDB2>=2.5.0:../../databases/pear-MDB2 15DEPENDS+= ${PHP_PKG_PREFIX}-pear-MDB2>=2.5.0:../../databases/pear-MDB2
16DEPENDS+= ${PHP_PKG_PREFIX}-pear-Auth_SASL>=1.0.3:../../mail/pear-Auth_SASL 16DEPENDS+= ${PHP_PKG_PREFIX}-pear-Auth_SASL>=1.0.3:../../mail/pear-Auth_SASL
cvs diff -r1.25 -r1.25.2.1 pkgsrc/mail/roundcube/PLIST (expand / switch to unified diff)

--- pkgsrc/mail/roundcube/PLIST 2012/12/05 15:38:01 1.25
+++ pkgsrc/mail/roundcube/PLIST 2013/02/11 14:25:59 1.25.2.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.25 2012/12/05 15:38:01 taca Exp $ 1@comment $NetBSD: PLIST,v 1.25.2.1 2013/02/11 14:25:59 tron Exp $
2share/doc/roundcube/INSTALL 2share/doc/roundcube/INSTALL
3share/doc/roundcube/LICENSE 3share/doc/roundcube/LICENSE
4share/doc/roundcube/README.md 4share/doc/roundcube/README.md
5share/doc/roundcube/UPGRADING 5share/doc/roundcube/UPGRADING
6share/examples/roundcube/db.inc.php.dist 6share/examples/roundcube/db.inc.php.dist
7share/examples/roundcube/main.inc.php.dist 7share/examples/roundcube/main.inc.php.dist
8share/examples/roundcube/mimetypes.php 8share/examples/roundcube/mimetypes.php
9share/examples/roundcube/plugins/acl/config.inc.php 9share/examples/roundcube/plugins/acl/config.inc.php
10share/examples/roundcube/plugins/additional_message_headers/config.inc.php 10share/examples/roundcube/plugins/additional_message_headers/config.inc.php
11share/examples/roundcube/plugins/enigma/config.inc.php 11share/examples/roundcube/plugins/enigma/config.inc.php
12share/examples/roundcube/plugins/help/config.inc.php 12share/examples/roundcube/plugins/help/config.inc.php
13share/examples/roundcube/plugins/jqueryui/config.inc.php 13share/examples/roundcube/plugins/jqueryui/config.inc.php
14share/examples/roundcube/plugins/managesieve/config.inc.php 14share/examples/roundcube/plugins/managesieve/config.inc.php
@@ -910,35 +910,31 @@ share/roundcube/program/include/rcube_re @@ -910,35 +910,31 @@ share/roundcube/program/include/rcube_re
910share/roundcube/program/include/rcube_result_set.php 910share/roundcube/program/include/rcube_result_set.php
911share/roundcube/program/include/rcube_result_thread.php 911share/roundcube/program/include/rcube_result_thread.php
912share/roundcube/program/include/rcube_session.php 912share/roundcube/program/include/rcube_session.php
913share/roundcube/program/include/rcube_shared.inc 913share/roundcube/program/include/rcube_shared.inc
914share/roundcube/program/include/rcube_smtp.php 914share/roundcube/program/include/rcube_smtp.php
915share/roundcube/program/include/rcube_spellchecker.php 915share/roundcube/program/include/rcube_spellchecker.php
916share/roundcube/program/include/rcube_sqlite.inc 916share/roundcube/program/include/rcube_sqlite.inc
917share/roundcube/program/include/rcube_storage.php 917share/roundcube/program/include/rcube_storage.php
918share/roundcube/program/include/rcube_string_replacer.php 918share/roundcube/program/include/rcube_string_replacer.php
919share/roundcube/program/include/rcube_template.php 919share/roundcube/program/include/rcube_template.php
920share/roundcube/program/include/rcube_user.php 920share/roundcube/program/include/rcube_user.php
921share/roundcube/program/include/rcube_vcard.php 921share/roundcube/program/include/rcube_vcard.php
922share/roundcube/program/js/app.js 922share/roundcube/program/js/app.js
923share/roundcube/program/js/app.js.src 
924share/roundcube/program/js/common.js 923share/roundcube/program/js/common.js
925share/roundcube/program/js/common.js.src 
926share/roundcube/program/js/editor.js 924share/roundcube/program/js/editor.js
927share/roundcube/program/js/googiespell.js 925share/roundcube/program/js/googiespell.js
928share/roundcube/program/js/googiespell.js.src 
929share/roundcube/program/js/jquery.min.js 926share/roundcube/program/js/jquery.min.js
930share/roundcube/program/js/list.js 927share/roundcube/program/js/list.js
931share/roundcube/program/js/list.js.src 
932share/roundcube/program/js/tiny_mce/langs/ar.js 928share/roundcube/program/js/tiny_mce/langs/ar.js
933share/roundcube/program/js/tiny_mce/langs/az.js 929share/roundcube/program/js/tiny_mce/langs/az.js
934share/roundcube/program/js/tiny_mce/langs/bg.js 930share/roundcube/program/js/tiny_mce/langs/bg.js
935share/roundcube/program/js/tiny_mce/langs/bn.js 931share/roundcube/program/js/tiny_mce/langs/bn.js
936share/roundcube/program/js/tiny_mce/langs/br.js 932share/roundcube/program/js/tiny_mce/langs/br.js
937share/roundcube/program/js/tiny_mce/langs/bs.js 933share/roundcube/program/js/tiny_mce/langs/bs.js
938share/roundcube/program/js/tiny_mce/langs/ca.js 934share/roundcube/program/js/tiny_mce/langs/ca.js
939share/roundcube/program/js/tiny_mce/langs/cs.js 935share/roundcube/program/js/tiny_mce/langs/cs.js
940share/roundcube/program/js/tiny_mce/langs/cy.js 936share/roundcube/program/js/tiny_mce/langs/cy.js
941share/roundcube/program/js/tiny_mce/langs/da.js 937share/roundcube/program/js/tiny_mce/langs/da.js
942share/roundcube/program/js/tiny_mce/langs/de.js 938share/roundcube/program/js/tiny_mce/langs/de.js
943share/roundcube/program/js/tiny_mce/langs/el.js 939share/roundcube/program/js/tiny_mce/langs/el.js
944share/roundcube/program/js/tiny_mce/langs/en.js 940share/roundcube/program/js/tiny_mce/langs/en.js
cvs diff -r1.27 -r1.27.2.1 pkgsrc/mail/roundcube/distinfo (expand / switch to unified diff)

--- pkgsrc/mail/roundcube/distinfo 2012/12/05 15:38:01 1.27
+++ pkgsrc/mail/roundcube/distinfo 2013/02/11 14:25:59 1.27.2.1
@@ -1,9 +1,9 @@ @@ -1,9 +1,9 @@
1$NetBSD: distinfo,v 1.27 2012/12/05 15:38:01 taca Exp $ 1$NetBSD: distinfo,v 1.27.2.1 2013/02/11 14:25:59 tron Exp $
2 2
3SHA1 (roundcubemail-0.8.4-dep.tar.gz) = f01c11b3a09ed396819760cfa46964b3fc506cfd 3SHA1 (roundcubemail-0.8.5-dep.tar.gz) = 5e6e65a1a2460cff160525b397f7a0a260441c22
4RMD160 (roundcubemail-0.8.4-dep.tar.gz) = f4c9982a2cb3649ea6b3e98f1cc8bdfeab9705e4 4RMD160 (roundcubemail-0.8.5-dep.tar.gz) = 5e1e5e4d8ba16eafce92d9d9692ccdf8cdfc9fcc
5Size (roundcubemail-0.8.4-dep.tar.gz) = 3183389 bytes 5Size (roundcubemail-0.8.5-dep.tar.gz) = 3142399 bytes
6SHA1 (patch-aa) = 4946fab1dd1a809d32de7fa16b9eb1075eb8424a 6SHA1 (patch-aa) = 4946fab1dd1a809d32de7fa16b9eb1075eb8424a
7SHA1 (patch-ab) = ac9f7ac488f9c309fd1b30a8ecec73e52b245c11 7SHA1 (patch-ab) = ac9f7ac488f9c309fd1b30a8ecec73e52b245c11
8SHA1 (patch-ac) = 89320be22d84d6099e44897d604fa0fe49e0fe60 8SHA1 (patch-ac) = 89320be22d84d6099e44897d604fa0fe49e0fe60
9SHA1 (patch-af) = e2bae396f049b2c5030f24e539b7f418a3d09d78 9SHA1 (patch-af) = e2bae396f049b2c5030f24e539b7f418a3d09d78
cvs diff -r1.4 -r1.4.18.1 pkgsrc/mail/roundcube/files/Attic/roundcube.conf (expand / switch to unified diff)

--- pkgsrc/mail/roundcube/files/Attic/roundcube.conf 2010/11/10 11:42:27 1.4
+++ pkgsrc/mail/roundcube/files/Attic/roundcube.conf 2013/02/11 14:25:59 1.4.18.1
@@ -1,36 +1,28 @@ @@ -1,36 +1,28 @@
1# $NetBSD: roundcube.conf,v 1.4 2010/11/10 11:42:27 adam Exp $ 1# $NetBSD: roundcube.conf,v 1.4.18.1 2013/02/11 14:25:59 tron Exp $
2# 2#
3# RoundCube configuration file fragment for Apache 3# RoundCube configuration file fragment for Apache
4 4
5<IfModule mod_alias.c> 5<IfModule mod_alias.c>
6 Alias /roundcube "@RCDIR@/" 6 Alias /roundcube "@RCDIR@/"
7</IfModule> 7</IfModule>
8 8
 9# Don't forget to adapt the configuration in @RCDIR@/.htaccess
 10# to your liking.
9<Directory "@RCDIR@"> 11<Directory "@RCDIR@">
10 Order allow,deny 12 Order allow,deny
11 Allow from all 13 Allow from all
12 AllowOverride All 14 AllowOverride All
13 DirectoryIndex index.php 15 DirectoryIndex index.php
14 <IfModule mod_php4.c> 
15 php_flag file_uploads On 
16 php_value session.auto_start Off 
17 php_value upload_max_filesize 2M 
18 </IfModule> 
19 <IfModule mod_php5.c> 
20 php_flag file_uploads On 
21 php_value session.auto_start Off 
22 php_value upload_max_filesize 2M 
23 </IfModule> 
24</Directory> 16</Directory>
25 17
26# 18#
27# For security, don't serve pages from the roundcube installer directory. 19# For security, don't serve pages from the roundcube installer directory.
28# 20#
29# If you are using the installer to setup roundcube you will need access to 21# If you are using the installer to setup roundcube you will need access to
30# the installer/ directory for the initial setup. It is recommended that 22# the installer/ directory for the initial setup. It is recommended that
31# after installation you uncomment the following block in order to restrict 23# after installation you uncomment the following block in order to restrict
32# access to that directory. 24# access to that directory.
33# 25#
34#<Directory "@RCDIR@/installer"> 26#<Directory "@RCDIR@/installer">
35# Order deny,allow 27# Order deny,allow
36# Deny from all 28# Deny from all