Hello community, here is the log from the commit of package roundcubemail for openSUSE:Factory checked in at 2020-07-20 21:08:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/roundcubemail (Old) and /work/SRC/openSUSE:Factory/.roundcubemail.new.3592 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "roundcubemail" Mon Jul 20 21:08:21 2020 rev:65 rq:821954 version:1.4.7 Changes: -------- --- /work/SRC/openSUSE:Factory/roundcubemail/roundcubemail.changes 2020-06-11 10:13:01.184762774 +0200 +++ /work/SRC/openSUSE:Factory/.roundcubemail.new.3592/roundcubemail.changes 2020-07-20 21:10:29.469647708 +0200 @@ -1,0 +2,21 @@ +Mon Jul 6 12:00:02 UTC 2020 - Michael Ströder <[email protected]> + +- update to 1.4.7 with security fix: + * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace + * Fix bug where subfolders of special folders could have been duplicated on folder list + * Increase maximum size of contact jobtitle and department fields to 128 characters + * Fix missing newline after the logged line when writing to stdout (#7418) + * Elastic: Fix context menu (paste) on the recipient input (#7431) + * Fix problem with forwarding inline images attached to messages with no HTML part (#7414) + * Fix problem with handling attached images with same name when using + database_attachments/redundant_attachments (#7455) +- renamed roundcubemail-1.4.6-config_dir.patch to + roundcubemail-1.4.7-config_dir.patch + +------------------------------------------------------------------- +Fri Jul 3 18:43:00 UTC 2020 - [email protected] + +- add http.inc file + * include one file for php5/php7 admin flags/values + +------------------------------------------------------------------- Old: ---- roundcubemail-1.4.6-complete.tar.gz roundcubemail-1.4.6-complete.tar.gz.asc roundcubemail-1.4.6-config_dir.patch New: ---- roundcubemail-1.4.7-complete.tar.gz roundcubemail-1.4.7-complete.tar.gz.asc roundcubemail-1.4.7-config_dir.patch roundcubemail-httpd.inc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ roundcubemail.spec ++++++ --- /var/tmp/diff_new_pack.MaalBv/_old 2020-07-20 21:10:32.937651223 +0200 +++ /var/tmp/diff_new_pack.MaalBv/_new 2020-07-20 21:10:32.937651223 +0200 @@ -22,19 +22,20 @@ %define roundcubeconfigpath %{_sysconfdir}/%{name} %define php_major_version %(php -r "echo PHP_MAJOR_VERSION;") Name: roundcubemail -Version: 1.4.6 +Version: 1.4.7 Release: 0 Summary: A browser-based multilingual IMAP client License: GPL-3.0-or-later AND GPL-2.0-only AND BSD-3-Clause Group: Productivity/Networking/Email/Clients URL: https://www.roundcube.net/ -Source0: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz +Source0: https://github.com/roundcube/%{name}/releases/download/%{version}/%{name}-%{version}-complete.tar.gz Source1: %{name}-rpmlintrc Source2: %{name}-httpd.conf +Source3: %{name}-httpd.inc Source4: README.openSUSE Source5: %{name}.logrotate Source6: https://roundcube.net/download/pubkey.asc#/%{name}.keyring -Source7: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc +Source7: https://github.com/roundcube/%{name}/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc Source8: robots.txt # PATCH-FIX-OPENSUSE roundcubemail-1.1-beta-config_dir.patch -- use the general config directory /etc Patch0: %{name}-%{version}-config_dir.patch @@ -169,8 +170,12 @@ done # install httpd.conf file and adapt the configuration -install -d -m 0755 %{buildroot}/%{apache_sysconfdir}/conf.d -sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" %{SOURCE2} > %{buildroot}%{apache_sysconfdir}/conf.d/roundcubemail.conf +install -D -m0644 %{SOURCE3} %{buildroot}%{apache_sysconfdir}/conf.d/%{name}.inc +# fix paths in http config +sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" \ + -e "s,@apache_sysconfdir@,%{apache_sysconfdir},g" \ + -e "s,@name@,%{name},g" \ +%{SOURCE2} > %{buildroot}%{apache_sysconfdir}/conf.d/%{name}.conf # install docs install -d -m 0755 %{buildroot}/%{_defaultdocdir}/%{name} @@ -323,7 +328,8 @@ %config %{roundcubeconfigpath}/config.inc.php.sample %config %{roundcubeconfigpath}/defaults.inc.php %config %{roundcubeconfigpath}/mimetypes.php -%config(noreplace) %{apache_sysconfdir}/conf.d/roundcubemail.conf +%config(noreplace) %{apache_sysconfdir}/conf.d/%{name}.conf +%config(noreplace) %{apache_sysconfdir}/conf.d/%{name}.inc %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %config(noreplace) %{roundcubeconfigpath}/skins/elastic/styles/_styles.less %config(noreplace) %{roundcubeconfigpath}/skins/elastic/styles/_variables.less ++++++ roundcubemail-1.4.6-complete.tar.gz -> roundcubemail-1.4.7-complete.tar.gz ++++++ /work/SRC/openSUSE:Factory/roundcubemail/roundcubemail-1.4.6-complete.tar.gz /work/SRC/openSUSE:Factory/.roundcubemail.new.3592/roundcubemail-1.4.7-complete.tar.gz differ: char 5, line 1 ++++++ roundcubemail-1.4.6-config_dir.patch -> roundcubemail-1.4.7-config_dir.patch ++++++ --- /work/SRC/openSUSE:Factory/roundcubemail/roundcubemail-1.4.6-config_dir.patch 2020-06-11 10:12:58.476754108 +0200 +++ /work/SRC/openSUSE:Factory/.roundcubemail.new.3592/roundcubemail-1.4.7-config_dir.patch 2020-07-20 21:10:17.369635440 +0200 @@ -1,7 +1,7 @@ -Index: roundcubemail-1.4.4/program/include/iniset.php +Index: roundcubemail-1.4.7/program/include/iniset.php =================================================================== ---- roundcubemail-1.4.4.orig/program/include/iniset.php -+++ roundcubemail-1.4.4/program/include/iniset.php +--- roundcubemail-1.4.7.orig/program/include/iniset.php ++++ roundcubemail-1.4.7/program/include/iniset.php @@ -28,7 +28,7 @@ if (!defined('INSTALL_PATH')) { } ++++++ roundcubemail-httpd.conf ++++++ --- /var/tmp/diff_new_pack.MaalBv/_old 2020-07-20 21:10:33.033651321 +0200 +++ /var/tmp/diff_new_pack.MaalBv/_new 2020-07-20 21:10:33.037651325 +0200 @@ -9,6 +9,7 @@ <IfModule mod_alias.c> + Alias /roundcube "__ROUNDCUBEPATH__/public_html" Alias /roundcubemail "__ROUNDCUBEPATH__/public_html" </IfModule> @@ -37,53 +38,11 @@ </IfModule> <IfModule mod_php5.c> - php_flag display_errors Off - php_flag log_errors On - #php_value error_log logs/errors - - php_value upload_max_filesize 5M - php_value post_max_size 6M - php_value memory_limit 64M - - php_flag register_globals Off - php_flag zlib.output_compression Off - php_flag magic_quotes_gpc Off - php_flag magic_quotes_runtime Off - php_flag suhosin.session.encrypt Off - - #php_value session.cookie_path / - #php_value session.hash_function sha256 - php_flag session.auto_start Off - php_value session.gc_maxlifetime 21600 - php_value session.gc_divisor 500 - php_value session.gc_probability 1 - # http://bugs.php.net/bug.php?id=30766 - php_value mbstring.func_overload 0 + Include @apache_sysconfdir@/conf.d/@[email protected] </IfModule> <IfModule mod_php7.c> - php_flag display_errors Off - php_flag log_errors On - #php_value error_log logs/errors - - php_value upload_max_filesize 5M - php_value post_max_size 6M - php_value memory_limit 64M - - php_flag register_globals Off - php_flag zlib.output_compression Off - php_flag magic_quotes_gpc Off - php_flag magic_quotes_runtime Off - php_flag suhosin.session.encrypt Off - - #php_value session.cookie_path / - #php_value session.hash_function sha256 - php_flag session.auto_start Off - php_value session.gc_maxlifetime 21600 - php_value session.gc_divisor 500 - php_value session.gc_probability 1 - # http://bugs.php.net/bug.php?id=30766 - php_value mbstring.func_overload 0 + Include @apache_sysconfdir@/conf.d/@[email protected] </IfModule> <IfModule mod_rewrite.c> ++++++ roundcubemail-httpd.inc ++++++ php_admin_flag display_errors off php_admin_flag log_errors on #php_admin_value error_log logs/errors php_admin_flag magic_quotes_gpc off php_admin_flag magic_quotes_runtime off php_admin_flag register_globals off php_admin_flag suhosin.session.encrypt off php_admin_flag zlib.output_compression off php_admin_value upload_max_filesize 5M php_admin_value post_max_size 6M php_admin_value memory_limit 64M php_admin_flag session.auto_start off #php_admin_value session.cookie_path / #php_admin_value session.hash_function sha256 php_admin_value session.gc_maxlifetime 21600 php_admin_value session.gc_divisor 500 php_admin_value session.gc_probability 1 # http://bugs.php.net/bug.php?id=30766 php_admin_value mbstring.func_overload 0
