Bug#499108: marked as done (roundcube-core: Missing robots.txt file)

Sat, 13 Dec 2008 06:18:45 -0800 

Your message dated Sat, 13 Dec 2008 13:47:17 +0000
with message-id <[email protected]>
and subject line Bug#499108: fixed in roundcube 0.2~alpha-3
has caused the Debian Bug report #499108,
regarding roundcube-core: Missing robots.txt file
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
499108: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499108
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: roundcube-core
Version: 0.1.1-8
Severity: minor


This bug is a security bug, but I consider it minor.

The file robots.txt has been deleted (or not included), from the 
upstream package.

This file is not informative and must be included on 
   /var/lib/roundcube/robots.txt

with the content on the upstrem package.

This file reports the internet crawlers to not index or crawl the 
webmail directory, and protects the server from load, and version or 
product searches, that could be used to crack or exploit (aka google 
hacking).




-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.19-damia1
Locale: lang=es...@euro, lc_ctype=es...@euro (charmap=ISO-8859-15)

--- End Message ---
--- Begin Message --- 
Source: roundcube
Source-Version: 0.2~alpha-3

We believe that the bug you reported is fixed in the latest version of
roundcube, which is due to be installed in the Debian FTP archive:

roundcube-core_0.2~alpha-3_all.deb
  to pool/main/r/roundcube/roundcube-core_0.2~alpha-3_all.deb
roundcube-mysql_0.2~alpha-3_all.deb
  to pool/main/r/roundcube/roundcube-mysql_0.2~alpha-3_all.deb
roundcube-pgsql_0.2~alpha-3_all.deb
  to pool/main/r/roundcube/roundcube-pgsql_0.2~alpha-3_all.deb
roundcube-sqlite_0.2~alpha-3_all.deb
  to pool/main/r/roundcube/roundcube-sqlite_0.2~alpha-3_all.deb
roundcube_0.2~alpha-3.diff.gz
  to pool/main/r/roundcube/roundcube_0.2~alpha-3.diff.gz
roundcube_0.2~alpha-3.dsc
  to pool/main/r/roundcube/roundcube_0.2~alpha-3.dsc
roundcube_0.2~alpha-3_all.deb
  to pool/main/r/roundcube/roundcube_0.2~alpha-3_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vincent Bernat <[email protected]> (supplier of updated roundcube package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 13 Dec 2008 14:36:02 +0100
Source: roundcube
Binary: roundcube-core roundcube roundcube-mysql roundcube-pgsql 
roundcube-sqlite
Architecture: source all
Version: 0.2~alpha-3
Distribution: experimental
Urgency: high
Maintainer: Debian Roundcube Maintainers 
<[email protected]>
Changed-By: Vincent Bernat <[email protected]>
Description: 
 roundcube  - skinnable AJAX based webmail solution for IMAP servers
 roundcube-core - skinnable AJAX based webmail solution for IMAP servers
 roundcube-mysql - metapackage providing MySQL dependencies for RoundCube
 roundcube-pgsql - metapackage providing PostgreSQL dependencies for RoundCube
 roundcube-sqlite - metapackage providing sqlite dependencies for RoundCube
Closes: 495434 499108 500202 508628
Changes: 
 roundcube (0.2~alpha-3) experimental; urgency=high
 .
   [ Vincent Bernat ]
   * Fix a vulnerability in the use of preg_replace (Closes: #508628).
   * Adapt descriptions of roundcube-database packages to refer them as
     metapackages instead of virtual package (Closes: #495434).
   * Add robots.txt from upstream, even if in some configuration, it will
     not be considered (Closes: #499108).
   * Do not ship .htaccess files. Restrictions are set in Apache or
     Lighttpd configuration files (Closes: #500202).
 .
   [ Romain Beauxis ]
   * Changed versioned dependency of rouncube from binary:Version to
     source:Version since these are all architecture independent packages.
Checksums-Sha1: 
 c02d14f7e8772394a0767de9ccf30fafa31218c8 1407 roundcube_0.2~alpha-3.dsc
 1937a335c627c6802969a15cfadbbecb58d61edc 26173 roundcube_0.2~alpha-3.diff.gz
 f6187ed65a1639e7e6189dcbd2860483449f98a0 596736 
roundcube-core_0.2~alpha-3_all.deb
 dd03b1b359d953561e1e110a488b3ce75b022b71 14796 roundcube_0.2~alpha-3_all.deb
 d90c2b3f17b084552522ac5ebbb3ff14a5560ae0 14120 
roundcube-mysql_0.2~alpha-3_all.deb
 9e6a4968b21ae9f67d5009a764cf655ea7b92329 14126 
roundcube-pgsql_0.2~alpha-3_all.deb
 e3e9387d17bdd238dca493282966f376fea5d870 14100 
roundcube-sqlite_0.2~alpha-3_all.deb
Checksums-Sha256: 
 873056aac74806d0b8db6207e213e68590e5a06018d67b2a24825896ac1bfc81 1407 
roundcube_0.2~alpha-3.dsc
 4a25c8a4d3d37e079ffdaf80cb6ecf7c24db8d70ea02e590ec8ac4754b3a468f 26173 
roundcube_0.2~alpha-3.diff.gz
 932ead16c3bf83995fde707564c451421bc340fecbfc073f7d1765494c13e87a 596736 
roundcube-core_0.2~alpha-3_all.deb
 89c05f0e81abcb78954981aad826bd63883b9c0ea4d7e637baf6be39f64d040b 14796 
roundcube_0.2~alpha-3_all.deb
 a4f13648e12dfb2e21c2057f71270c46645d669ac351e18847fc308fc2939c00 14120 
roundcube-mysql_0.2~alpha-3_all.deb
 28a371c2f732d81cac122ead7aab1fa3eb98bfcb91f965d93f81430c7977e94d 14126 
roundcube-pgsql_0.2~alpha-3_all.deb
 f291223abc6b0c00acc915a1e25d67699b7055dd61e5ce5a4df76e137de94026 14100 
roundcube-sqlite_0.2~alpha-3_all.deb
Files: 
 4e4d80af0d944c9aa34d83a225df5322 1407 web extra roundcube_0.2~alpha-3.dsc
 9ac28c3d598af906cd9c87c5e81ac059 26173 web extra roundcube_0.2~alpha-3.diff.gz
 e7392a06d3a9d6fd19ae1a860e7fddc9 596736 web extra 
roundcube-core_0.2~alpha-3_all.deb
 fcb6b60e0c1d573b2b864d4a8df80640 14796 web extra roundcube_0.2~alpha-3_all.deb
 5492353076cd0150fbf63feec950f92b 14120 web extra 
roundcube-mysql_0.2~alpha-3_all.deb
 f74a4b9decd8e8a2cdb9d8cc9c6b7222 14126 web extra 
roundcube-pgsql_0.2~alpha-3_all.deb
 6d28580b0a0ac86624a73542d4de5550 14100 web extra 
roundcube-sqlite_0.2~alpha-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAklDu0UACgkQKFvXofIqeU4fkQCeOP3Ragto3aCAOi1tWMHcYUEN
2OsAoMPlgVXrmwOsPzKq3zX2S/2MTuQW
=1EKh
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to