Pullup ticket #5635 - requested by taca
mail/roundcube: security update
mail/roundcube-plugin-enigma: security update
mail/roundcube-plugin-password: security update
mail/roundcube-plugin-zipdownload: security update
Revisions pulled up:
- mail/roundcube-plugin-enigma/distinfo 1.7
- mail/roundcube-plugin-password/distinfo 1.7
- mail/roundcube-plugin-zipdownload/distinfo 1.7
- mail/roundcube/Makefile.common 1.7
- mail/roundcube/distinfo 1.58
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: taca
Date: Thu Nov 9 01:13:12 UTC 2017
Modified Files:
pkgsrc/mail/roundcube: Makefile.common distinfo
pkgsrc/mail/roundcube-plugin-enigma: distinfo
pkgsrc/mail/roundcube-plugin-password: distinfo
pkgsrc/mail/roundcube-plugin-zipdownload: distinfo
Log Message:
mail/roundcube: update to 1.2.7
Security fix for CVE-2017-16651.
RELEASE 1.2.7
-------------
- Fix rewind(): stream does not support seeking (#5950)
- Fix bug where HTML messages could have been rendered empty on some systems
(#5957)
- Fix (again) bug where image data URIs in css style were treated as
evil/remote in mail preview (#5580)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838, #5959)
- Fix file disclosure vulnerability caused by insufficient input validation
[CVE-2017-16651] (#6026)
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube/Makefile.common
cvs rdiff -u -r1.57 -r1.58 pkgsrc/mail/roundcube/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-enigma/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-password/distinfo
cvs rdiff -u -r1.6 -r1.7 pkgsrc/mail/roundcube-plugin-zipdownload/distinfo
(spz)
diff -r1.6 -r1.6.4.1 pkgsrc/mail/roundcube/Makefile.common| @@ -1,25 +1,25 @@ | @@ -1,25 +1,25 @@ | |||
| 1 | # $NetBSD: Makefile.common,v 1.6 2017/09/11 13:56:39 taca Exp $ | 1 | # $NetBSD: Makefile.common,v 1.6.4.1 2017/11/12 13:15:44 spz Exp $ | |
| 2 | # | 2 | # | |
| 3 | # used by mail/roundcube/Makefile | 3 | # used by mail/roundcube/Makefile | |
| 4 | # used by mail/roundcube/plugins.mk | 4 | # used by mail/roundcube/plugins.mk | |
| 5 | 5 | |||
| 6 | DISTNAME= roundcubemail-${RC_VERS} | 6 | DISTNAME= roundcubemail-${RC_VERS} | |
| 7 | CATEGORIES= mail | 7 | CATEGORIES= mail | |
| 8 | MASTER_SITES= ${MASTER_SITE_GITHUB:=roundcube/} | 8 | MASTER_SITES= ${MASTER_SITE_GITHUB:=roundcube/} | |
| 9 | GITHUB_PROJECT= roundcubemail | 9 | GITHUB_PROJECT= roundcubemail | |
| 10 | HOMEPAGE= http://roundcube.net/ | 10 | HOMEPAGE= http://roundcube.net/ | |
| 11 | 11 | |||
| 12 | RC_VERS= 1.2.6 | 12 | RC_VERS= 1.2.7 | |
| 13 | 13 | |||
| 14 | USE_LANGUAGES= # none | 14 | USE_LANGUAGES= # none | |
| 15 | USE_TOOLS+= pax | 15 | USE_TOOLS+= pax | |
| 16 | NO_BUILD= yes | 16 | NO_BUILD= yes | |
| 17 | 17 | |||
| 18 | PKG_SYSCONFSUBDIR?= roundcube | 18 | PKG_SYSCONFSUBDIR?= roundcube | |
| 19 | 19 | |||
| 20 | PKG_GROUPS_VARS+= WWW_GROUP | 20 | PKG_GROUPS_VARS+= WWW_GROUP | |
| 21 | PKG_USERS_VARS= WWW_USER | 21 | PKG_USERS_VARS= WWW_USER | |
| 22 | BUILD_DEFS+= VARBASE WWW_USER WWW_GROUP APACHE_USER APACHE_GROUP | 22 | BUILD_DEFS+= VARBASE WWW_USER WWW_GROUP APACHE_USER APACHE_GROUP | |
| 23 | 23 | |||
| 24 | RCDIR= share/roundcube | 24 | RCDIR= share/roundcube | |
| 25 | EGDIR= share/examples/roundcube | 25 | EGDIR= share/examples/roundcube |
| @@ -1,11 +1,11 @@ | @@ -1,11 +1,11 @@ | |||
| 1 | $NetBSD: distinfo,v 1.57 2017/09/11 13:56:39 taca Exp $ | 1 | $NetBSD: distinfo,v 1.57.4.1 2017/11/12 13:15:44 spz Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (roundcubemail-1.2.6.tar.gz) = 466191ae8eb779e45147a3bb0504b4549bef2944 | 3 | SHA1 (roundcubemail-1.2.7.tar.gz) = b5aa5303e0e940da2117802c7ffd22dc265c4699 | |
| 4 | RMD160 (roundcubemail-1.2.6.tar.gz) = 75234503b8e3729a5c28af92128990f4428de2a8 | 4 | RMD160 (roundcubemail-1.2.7.tar.gz) = 7d24ca42391a62d494b0615e92203596f5573761 | |
| 5 | SHA512 (roundcubemail-1.2.6.tar.gz) = 6e6acc3311747d5c822711029bec0e97b32e17cf5bd55d3e26dc9f6fc7b67d15b940001c3b0f13aa674f9d5d477645438cc782f432d946ba031dd93bde2d852f | 5 | SHA512 (roundcubemail-1.2.7.tar.gz) = ef8058e004a89cb83119972e7fd765920c7cfe8e5157c305b782cda1fead1a01335f5182b45930e409a070aadcf440635b9dc7c41df215d904cbaea0a0ed4191 | |
| 6 | Size (roundcubemail-1.2.6.tar.gz) = 3538567 bytes | 6 | Size (roundcubemail-1.2.7.tar.gz) = 3539187 bytes | |
| 7 | SHA1 (patch-ac) = 235116580665d5d58edc218c063b41171a2d9227 | 7 | SHA1 (patch-ac) = 235116580665d5d58edc218c063b41171a2d9227 | |
| 8 | SHA1 (patch-af) = 1f95a7005569207469563aa37ff48da0383b7668 | 8 | SHA1 (patch-af) = 1f95a7005569207469563aa37ff48da0383b7668 | |
| 9 | SHA1 (patch-config_config.inc.php.sample) = 1c9751ba36394d592e7d3cdcc705010e0a4adda9 | 9 | SHA1 (patch-config_config.inc.php.sample) = 1c9751ba36394d592e7d3cdcc705010e0a4adda9 | |
| 10 | SHA1 (patch-plugins_password_helpers_passwd-expect) = 9e0082f23e37bbab26e8bb1439668132d5aacca2 | 10 | SHA1 (patch-plugins_password_helpers_passwd-expect) = 9e0082f23e37bbab26e8bb1439668132d5aacca2 | |
| 11 | SHA1 (patch-rcube_mime_default) = fe6ff1bea0a2c4223b34e44a6d0ca76e6476d2aa | 11 | SHA1 (patch-rcube_mime_default) = fe6ff1bea0a2c4223b34e44a6d0ca76e6476d2aa |
| @@ -1,6 +1,6 @@ | @@ -1,6 +1,6 @@ | |||
| 1 | $NetBSD: distinfo,v 1.6 2017/09/11 13:57:24 taca Exp $ | 1 | $NetBSD: distinfo,v 1.6.4.1 2017/11/12 13:15:44 spz Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (roundcubemail-1.2.6.tar.gz) = 466191ae8eb779e45147a3bb0504b4549bef2944 | 3 | SHA1 (roundcubemail-1.2.7.tar.gz) = b5aa5303e0e940da2117802c7ffd22dc265c4699 | |
| 4 | RMD160 (roundcubemail-1.2.6.tar.gz) = 75234503b8e3729a5c28af92128990f4428de2a8 | 4 | RMD160 (roundcubemail-1.2.7.tar.gz) = 7d24ca42391a62d494b0615e92203596f5573761 | |
| 5 | SHA512 (roundcubemail-1.2.6.tar.gz) = 6e6acc3311747d5c822711029bec0e97b32e17cf5bd55d3e26dc9f6fc7b67d15b940001c3b0f13aa674f9d5d477645438cc782f432d946ba031dd93bde2d852f | 5 | SHA512 (roundcubemail-1.2.7.tar.gz) = ef8058e004a89cb83119972e7fd765920c7cfe8e5157c305b782cda1fead1a01335f5182b45930e409a070aadcf440635b9dc7c41df215d904cbaea0a0ed4191 | |
| 6 | Size (roundcubemail-1.2.6.tar.gz) = 3538567 bytes | 6 | Size (roundcubemail-1.2.7.tar.gz) = 3539187 bytes |
| @@ -1,6 +1,6 @@ | @@ -1,6 +1,6 @@ | |||
| 1 | $NetBSD: distinfo,v 1.6 2017/09/11 14:00:23 taca Exp $ | 1 | $NetBSD: distinfo,v 1.6.4.1 2017/11/12 13:15:44 spz Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (roundcubemail-1.2.6.tar.gz) = 466191ae8eb779e45147a3bb0504b4549bef2944 | 3 | SHA1 (roundcubemail-1.2.7.tar.gz) = b5aa5303e0e940da2117802c7ffd22dc265c4699 | |
| 4 | RMD160 (roundcubemail-1.2.6.tar.gz) = 75234503b8e3729a5c28af92128990f4428de2a8 | 4 | RMD160 (roundcubemail-1.2.7.tar.gz) = 7d24ca42391a62d494b0615e92203596f5573761 | |
| 5 | SHA512 (roundcubemail-1.2.6.tar.gz) = 6e6acc3311747d5c822711029bec0e97b32e17cf5bd55d3e26dc9f6fc7b67d15b940001c3b0f13aa674f9d5d477645438cc782f432d946ba031dd93bde2d852f | 5 | SHA512 (roundcubemail-1.2.7.tar.gz) = ef8058e004a89cb83119972e7fd765920c7cfe8e5157c305b782cda1fead1a01335f5182b45930e409a070aadcf440635b9dc7c41df215d904cbaea0a0ed4191 | |
| 6 | Size (roundcubemail-1.2.6.tar.gz) = 3538567 bytes | 6 | Size (roundcubemail-1.2.7.tar.gz) = 3539187 bytes |
| @@ -1,6 +1,6 @@ | @@ -1,6 +1,6 @@ | |||
| 1 | $NetBSD: distinfo,v 1.6 2017/09/11 14:01:02 taca Exp $ | 1 | $NetBSD: distinfo,v 1.6.4.1 2017/11/12 13:15:44 spz Exp $ | |
| 2 | 2 | |||
| 3 | SHA1 (roundcubemail-1.2.6.tar.gz) = 466191ae8eb779e45147a3bb0504b4549bef2944 | 3 | SHA1 (roundcubemail-1.2.7.tar.gz) = b5aa5303e0e940da2117802c7ffd22dc265c4699 | |
| 4 | RMD160 (roundcubemail-1.2.6.tar.gz) = 75234503b8e3729a5c28af92128990f4428de2a8 | 4 | RMD160 (roundcubemail-1.2.7.tar.gz) = 7d24ca42391a62d494b0615e92203596f5573761 | |
| 5 | SHA512 (roundcubemail-1.2.6.tar.gz) = 6e6acc3311747d5c822711029bec0e97b32e17cf5bd55d3e26dc9f6fc7b67d15b940001c3b0f13aa674f9d5d477645438cc782f432d946ba031dd93bde2d852f | 5 | SHA512 (roundcubemail-1.2.7.tar.gz) = ef8058e004a89cb83119972e7fd765920c7cfe8e5157c305b782cda1fead1a01335f5182b45930e409a070aadcf440635b9dc7c41df215d904cbaea0a0ed4191 | |
| 6 | Size (roundcubemail-1.2.6.tar.gz) = 3538567 bytes | 6 | Size (roundcubemail-1.2.7.tar.gz) = 3539187 bytes |