Hello community,
here is the log from the commit of package roundcubemail.14126 for
openSUSE:Leap:15.2:Update checked in at 2020-09-24 14:21:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/roundcubemail.14126 (Old)
and /work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249
(New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "roundcubemail.14126"
Thu Sep 24 14:21:18 2020 rev:1 rq:835789 version:1.3.15
Changes:
--------
New Changes file:
--- /dev/null 2020-09-10 00:27:47.435250138 +0200
+++
/work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249/roundcubemail.changes
2020-09-24 14:21:20.192676116 +0200
@@ -0,0 +1,1455 @@
+-------------------------------------------------------------------
+Thu Aug 13 01:05:30 UTC 2020 - Lars Vogdt <[email protected]>
+
+- Upgrade to 1.3.15
+ This is a security update to the LTS version 1.3. (bsc#1175135)
+ * Security: Fix cross-site scripting (XSS) via HTML messages with malicious
svg content [CVE-2020-16145]
+ * Security: Fix cross-site scripting (XSS) via HTML messages with malicious
math content
+ From 1.3.14 (bsc#1173792 -> CVE-2020-15562)
+ * Security: Fix cross-site scripting (XSS) via HTML messages with malicious
svg/namespace
+ From 1.3.13
+ * Installer: Fix regression in SMTP test section (#7417)
+ From 1.3.12
+ * Security: Better fix for CVE-2020-12641 (bsc#1171148)
+ * Security: Fix XSS issue in template object 'username' (#7406)
+ * Security: Fix couple of XSS issues in Installer (#7406)
+ * Security: Fix cross-site scripting (XSS) via malicious XML attachment
+ From 1.3.11 (bsc#1171148 -> CVE-2020-12641 bsc#1171040 -> CVE-2020-12625
bsc#1171149 -> CVE-2020-12640)
+ * Enigma: Fix compatibility with Mail_Mime >= 1.10.5
+ * Fix permissions on some folders created by bin/install-jsdeps.sh script
(#6930)
+ * Fix bug where inline images could have been ignored if Content-Id header
contained redundant spaces (#6980)
+ * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991)
+ * Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null
given in sendmail.inc (#7003)
+ * Security: Fix XSS issue in handling of CDATA in HTML messages
+ * Security: Fix remote code execution via crafted 'im_convert_path' or
'im_identify_path' settings
+ * Security: Fix local file inclusion (and code execution) via crafted
'plugins' option
+ * Security: Fix CSRF bypass that could be used to log out an authenticated
user (#7302)
+ From 1.3.10 (bsc#1146286)
+ * Managesieve: Fix so "Create filter" option does not show up when Filters
menu is disabled (#6723)
+ * Enigma: Fix bug where revoked users/keys were not greyed out in key info
+ * Enigma: Fix error message when trying to encrypt with a revoked key (#6607)
+ * Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638)
+ * Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785)
+ * Fix bug where bmp images couldn't be displayed on some systems (#6728)
+ * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp
(#6744)
+ * Fix bug where bold/strong text was converted to upper-case on html-to-text
conversion (6758)
+ * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only
tld (#6746)
+ * Fix bug where Next/Prev button in mail view didn't work with multi-folder
search result (#6793)
+ * Fix bug where selection of columns on messages list wasn't working
+ * Fix bug in converting multi-page Tiff images to Jpeg (#6824)
+ * Fix wrong messages order after returning to a multi-folder search result
(#6836)
+ * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866)
+ * Fix bug where it was possible to bypass the position:fixed CSS check in
received messages (#6898)
+ * Fix bug where some strict remote URIs in url() style were unintentionally
blocked (#6899)
+ * Fix bug where it was possible to bypass the CSS jail in HTML messages
using :root pseudo-class (#6897)
+ * Fix bug where it was possible to bypass href URI check with
data:application/xhtml+xml URIs (#6896)
+ From 1.3.9 (bsc#1115718)
+ * Fix TinyMCE download location (#6694)
+ * Fix bug where a message/rfc822 part without a filename wasn't listed on
the attachments list (#6494)
+ * Fix handling of empty entries in vCard import (#6564)
+ * Fix bug in parsing some IMAP command responses that include unsolicited
replies (#6577)
+ * Fix PHP 7.2 compatibility in debug_logger plugin (#6586)
+ * Fix so ANY record is not used for email domain validation, use A, MX,
CNAME, AAAA instead (#6581)
+ * Fix so mime_content_type check in Installer uses files that should always
+ be available (i.e. from program/resources) (#6599)
+ * Fix missing CSRF token on a link to download too-big message part (#6621)
+ * Fix bug when aborting dragging with ESC key didn't stop the move action
(#6623)
+ * Fix bug where next row wasn't selected after deleting a collapsed thread
(#6655)
+ From 1.3.8
+ * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374)
+ * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors
in dovecot 2.3 (#6383)
+ * Enigma: Fix deleting keys with authentication subkeys (#6381)
+ * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398)
+ * Fix so Classic skin splitter does not escape out of window (#6397)
+ * Fix XSS issue in handling invalid style tag content (#6410)
+ * Fix compatibility with MySQL 8 - error on 'system' table use
+ * Managesieve: Fix bug where show_real_foldernames setting wasn't respected
(#6422)
+ * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP
params (#6419)
+ * Fix support for "allow-from <uri>" in "x_frame_options" config option
(#6449)
+ * Fix bug where valid content between HTML comments could have been skipped
in some cases (#6464)
+ * Fix multiple VCard field search (#6466)
+ * Fix session issue on long running requests (#6470)
+ From 1.3.7 (bsc#1115719)
+ * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without
php-intl (#6244)
+ * Fix bug where some parts of quota information could have been ignored
(#6280)
+ * Fix bug where some escape sequences in html styles could bypass security
checks
+ * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented
from use in folder names
+ * Fix bug where only attachments with the same name would be ignored on zip
download (#6301)
+ * Fix bug where unicode contact names could have been broken/emptied or
caused DB errors (#6299)
+ * Fix bug where after "mark all folders as read" action message counters
were not reset (#6307)
+ * Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289)
+ * Fix bug where some HTML comments could have been malformed by HTML parser
(#6333)
+
+-------------------------------------------------------------------
+Fri Apr 13 06:40:00 UTC 2018 - [email protected]
+
+- Upgrade to version 1.3.6
+ * Fix parsing date strings (e.g. from a Date: mail header) with comments
+ * Fix PHP 7.2: count(): Parameter must be an array in enchant-based
spellchecker
+ * Fix possible IMAP command injection and type juggling vulnerabilities
+ * Enigma: Fix key selection for signing
+ * Enigma: Enable keypair generation on Internet Explorer 11
+ * Fix check_request() bypass in places using get_uids() (CVE-2018-9846
boo#1067574)
+ * Fix bug where usernames without domain part could be malformed or
converted to lower-case on logon
+
+-------------------------------------------------------------------
+Fri Mar 16 08:57:47 UTC 2018 - [email protected]
+
+- Upgrade to version 1.3.5
+ * Added new skin with mobile support - the Elastic
+ * Support Redis cache
+ * Improved Mailvelope integration
+ - Added private key listing and generating to identity settings
+ - Enable encrypt & sign option if Mailvelope supports it
+ * Update to jQuery-3.3.1
+ * vcard_attachments: Add possibility to send contact vCard from Contacts
toolbar (#6080)
+ * Add More actions button in Contacts toolbar with Copy/Move actions (#6081)
+ * Display an error when clicking disabled link to register protocol handler
(#6079)
+ * Add option trusted_host_patterns (#6009, #5752)
+ * Support SMTPUTF8 and relax email address validation to support unicode in
local part (#5120)
+ * Support additional connect parameters in PostgreSQL database wrapper
+ * Use UI dialogs instead of confirm() and alert() where possible
+ * Display value of the SMTP message size limit in the error message (#6032)
+ * Skip redundant INSERT query on successful logon when using PHP7
+ * Replace display_version with display_product_version (#5904)
+ * Extend disabled_actions config so it accepts also button names (#5903)
+ * Handle remote stylesheets the same as remote images, ask the user to allow
them (#5994)
+ * Add Message-ID to the sendmail log (#5871)
+ * Managesieve: Add ability to disable filter sets and other actions (#5496,
#5898)
+ * Managesieve: Add option managesieve_forward to enable settings dialog for
simple forwarding (#6021)
+ * Managesieve: Support filter action with custom IMAP flags (#6011)
+ * Managesieve: Support 'mime' extension tests - RFC5703 (#5832)
+ * Managesieve: Support GSSAPI authentication with krb_authentication plugin
(#5779)
+ * Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587)
+ * Composer: Fix certificate validation errors by using packagist only (#5148)
+ * Enigma: Add button to send mail unencrypted if no key was found (#5913)
+ * Enigma: Add options to set PGP cipher/digest algorithms (#5645)
+ * Enigma: Multi-host support
+ * Add --get and --extract arguments and CACHEDIR env-variable support to
install-jsdeps.sh (#5882)
+ * Update to jquery-minicolors 2.2.6
+ * Support _filter and _scope as GET arguments for opening mail UI (#5825)
+ * Support for IMAP folders that cannot contain both folders and messages
(#5057)
+ * Added .user.ini file for php-fpm (#5846)
+ * Email Resent (Bounce) feature (#4985)
+ * Various improvements for templating engine and skin behaviours
+ - Support conditional include
+ - Support for 'link' objects
+ - Support including files with path relative to templates directory
+ - Use <button> instead of <input> for submit button on logon screen
+ * Reset onerror on images if placeholder does not exist to prevent from
requests storm
+ * Unified and simplified code for loading content frame for responses and
identities
+ * Display contact import and advanced search in popup dialogs
+ * Make possible to set (some) config options from a skin
+ * Added optional checkbox selection for the list widget
+ * Make 'compose' command always enabled
+ * Add .log suffix to all log file names, add option log_file_ext to control
this (#313)
+ * Archive: Fix archiving by sender address on cyrus-imap
+ * Archive: Style Archive folder also on folder selector and folder manager
lists
+ * Archive: Add Thunderbird compatible Month option (#5623)
+ * Return "401 Unauthorized" status when login fails (#5663)
+ * Support both comma and semicolon as recipient separator, drop
recipients_separator option (#5092)
+ * Plugin API: Added 'show_bytes' hook (#5001)
+ * subscriptions_option: show \\Noselect folders greyed out (#5621)
+ * Add option to not indent quoted text on top-posting reply (#5105)
+ * Removed global $CONFIG variable
+ * Password: Support host variables in password_db_dsn option (#5955)
+ * Password: Automatic virtualmin domain setting, removed
password_virtualmin_format option (#5759)
+ * Support AUTHENTICATE LOGIN for IMAP connections (#5563)
+ * Support LDAP GSSAPI authentication (#5703)
+ * Allow contacts without an email address (#5079)
+ * Localized timezone selector (#4983)
+ * Use 7bit encoding for ISO-2022-* charsets in sent mail (#5640)
+ * Handle inline images also inside multipart/mixed messages (#5905)
+ * Fix bug where attachment size wasn't visible when the filename was too
long (#6033)
+ * Fix checking table columns when there's more schemas/databases in
postgres/mysql (#6047)
+ * Fix css conflicts in user interface and e-mail content (#5891)
+ * Fix duplicated signature when using Back button in Chrome (#5809)
+ * Fix touch event issue on messages list in IE/Edge (#5781)
+ * Fix so links over images are not removed in plain text signatures
converted from HTML (#4473)
+ * Fix various issues when downloading files with names containing non-ascii
chars, use RFC 2231 (#5772)
+ * Managesieve: Fix bug where text: syntax was forced for strings longer than
1024 characters (#6143)
+ * Managesieve: Fix missing Save button in Edit Filter Set page of Classic
skin (#6154)
+ * Fix duplicated labels in Test SMTP Config section (#6166)
+ * Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169)
+ * Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149)
+ * Fix security issue in remote content blocking on HTML image and style tags
(#6178)
+ * Added 9pt and 11pt to the list of font sizes in HTML editor
+ * Fix handling encoding of HTML tags in "inline" JSON output (#6207)
+ * Fix bug where some unix timestamps were not handled correctly by
rcube_utils::anytodatetime() (#6212)
+
+-------------------------------------------------------------------
+Fri Feb 16 08:06:57 UTC 2018 - [email protected]
+
+- fix rights for enigma plugin
+
+-------------------------------------------------------------------
+Mon Feb 5 19:14:45 UTC 2018 - [email protected]
+
+- Trim bias from description.
+- Replace %__-type macro indirections.
+- Avoid bashisms in build logic.
+
+-------------------------------------------------------------------
+Sun Feb 4 22:36:44 UTC 2018 - [email protected]
+
+- Upgrade to version 1.3.4
+- RELEASE 1.3.4
+ * Fix bug where contacts search could skip some records (#6130)
++++ 1258 more lines (skipped)
++++ between /dev/null
++++ and
/work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249/roundcubemail.changes
New:
----
README.openSUSE
robots.txt
roundcubemail-1.1-beta-config_dir.patch
roundcubemail-1.3.15-complete.tar.gz
roundcubemail-1.3.15-complete.tar.gz.asc
roundcubemail-httpd.conf
roundcubemail-rpmlintrc
roundcubemail.changes
roundcubemail.keyring
roundcubemail.logrotate
roundcubemail.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ roundcubemail.spec ++++++
#
# spec file for package roundcubemail
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: roundcubemail
Version: 1.3.15
Release: 0
Summary: A browser-based multilingual IMAP client
License: GPL-3.0-or-later AND GPL-2.0-only AND BSD-3-Clause
Group: Productivity/Networking/Email/Clients
Url: https://www.roundcube.net/
Source0:
https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz
Source1: %{name}-rpmlintrc
Source2: %{name}-httpd.conf
Source4: README.openSUSE
Source5: %{name}.logrotate
Source6: https://roundcube.net/download/pubkey.asc#/%{name}.keyring
Source7:
https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc
Source8: robots.txt
# PATCH-FIX-OPENSUSE roundcubemail-1.1-beta-config_dir.patch -- use the general
config directory /etc
Patch0: %{name}-1.1-beta-config_dir.patch
BuildArch: noarch
BuildRequires: apache2-devel
%if 0%{suse_version} >= 1100
BuildRequires: fdupes
%endif
BuildRequires: pcre-devel
BuildRequires: php
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: http_daemon
Requires: mod_php_any >= 5.3
Requires: php-dom
Requires: php-exif
Requires: php-gettext
Requires: php-iconv
Requires: php-json
Requires: php-mbstring
Requires: php-openssl
Requires: php-session
Requires: php-sockets
Requires: php_any_db
## Requires: for upstream dep package
Requires: php-pear-Auth_SASL >= 1.0.6
Requires: php-pear-MDB2_Driver_mysqli
Requires: php-pear-Mail_Mime >= 1.9.0
Requires: php-pear-Net_IDNA2 >= 0.1.1
Requires: php-pear-Net_LDAP2
Requires: php-pear-Net_SMTP
Requires: php-pear-Net_Sieve >= 1.3.2
Requires: php-pear-Net_Socket
Recommends: logrotate
Recommends: php-mysql
Recommends: php-intl
Recommends: php-fileinfo
Recommends: php-zip
Recommends: php-pear-Crypt_GPG >= 1.2.0
Suggests: apache2
Provides: roundcube_framework = %{version}
Conflicts: roundcube-framework
%define apache_serverroot %(/usr/sbin/apxs2 -q DATADIR)
%define apache_sysconfdir %(/usr/sbin/apxs2 -q SYSCONFDIR)
%define roundcubepath %{apache_serverroot}/%{name}
%define roundcubeconfigpath %{_sysconfdir}/%{name}
%define php_major_version %(php -r "echo PHP_MAJOR_VERSION;")
%description
Roundcube Webmail is a browser-based multilingual IMAP client with an
application-like user interface. It provides MIME support, address
book, folder manipulation, message searching and spell checking.
Roundcube Webmail is written in PHP and requires a MySQL database.
The user interface is skinnable using XHTML and CSS 2.
%prep
%setup -q
%patch0 -p1
cp %{SOURCE4} .
# remove cruft from source archive
find . -name ".gitignore" -delete
# no need to check .htaccess each time, the apache config takes care of the
restrictions
find . -name ".htaccess" -delete
# remove mssql scripts (not needed on openSUSE)
rm -rf \
SQL/mssql/ \
SQL/mssql.*.sql
# remove shebang from chpass-wrapper
sed -i '1d' plugins/password/helpers/chpass-wrapper.py
# remove INSTALL doc
rm INSTALL
%build
%install
# install roundcubemail.logrotate
install -d -m 0755 %{buildroot}/%{_sysconfdir}/logrotate.d
install %{SOURCE5} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name}
# extract roundcube-framework
install -d -m 0755 %{buildroot}/%{_datadir}/php%{php_major_version}
mv program/lib/Roundcube
%{buildroot}%{_datadir}/php%{php_major_version}/Roundcube
# install roundcubemail
install -d -m 0755 %{buildroot}/%{roundcubepath}
cp -a * %{buildroot}%{roundcubepath}/
cp %{SOURCE8} %{buildroot}%{roundcubepath}/
ln -s %{roundcubepath}/installer
%{buildroot}/%{roundcubepath}/public_html/installer
# install config
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
cp config/* %{buildroot}%{roundcubeconfigpath}/
install %{buildroot}/%{roundcubeconfigpath}/config.inc.php.sample
%{buildroot}/%{roundcubeconfigpath}/config.inc.php
rm -rf %{buildroot}/%{roundcubepath}/config
ln -s %{roundcubeconfigpath} %{buildroot}/%{roundcubepath}/config
# logs + temp go into /var/
rm -rf %{buildroot}/%{roundcubepath}/logs \
%{buildroot}%{roundcubepath}/temp
install -d %{buildroot}/%{_localstatedir}/log/%{name} \
%{buildroot}%{_localstatedir}/lib/%{name}
ln -s %{_localstatedir}/log/%{name}/ %{buildroot}/%{roundcubepath}/logs
ln -s %{_localstatedir}/lib/%{name}/ %{buildroot}/%{roundcubepath}/temp
# move some plugin configs to /etc/roundcubemail
for PLUGIN in acl managesieve password; do
if [ -f %{buildroot}/%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist
]; then
mv %{buildroot}%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist
%{buildroot}%{roundcubeconfigpath}/$PLUGIN.inc.php
ln -s %{roundcubeconfigpath}/$PLUGIN.inc.php
%{buildroot}/%{roundcubepath}/plugins/$PLUGIN/config.inc.php
fi
done
# install httpd.conf file and adapt the configuration
install -d -m 0755 %{buildroot}/%{apache_sysconfdir}/conf.d
sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" %{SOURCE2} >
%{buildroot}%{apache_sysconfdir}/conf.d/roundcubemail.conf
# install docs
install -d -m 0755 %{buildroot}/%{_defaultdocdir}/%{name}
for i in CHANGELOG UPGRADING LICENSE README.md README.openSUSE SQL; do
mv -v %{buildroot}%{roundcubepath}/$i %{buildroot}%{_defaultdocdir}/%{name}/
done
# create a link for SQL
ln -s %{_defaultdocdir}/%{name}/SQL %{buildroot}/%{roundcubepath}/SQL
# Make ghost files
mkdir %{buildroot}%{roundcubepath}/migrated
mkdir %{buildroot}%{roundcubepath}/migration
# fdupes
%if 0%{suse_version} >= 1100
%fdupes %{buildroot}%{roundcubepath}
%endif
%pre
# backup logs, temp and config for migration
if [ ! -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/logs ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/logs %{roundcubepath}/migration/.
fi
if [ ! -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/temp ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/temp %{roundcubepath}/migration/.
fi
if [ ! -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/SQL ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/SQL %{roundcubepath}/migration/.
fi
for PLUGIN in acl managesieve password; do
if [ ! -h %{roundcubepath}/plugins/$PLUGIN/config.inc.php ] && [ -f
%{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then
mv %{roundcubepath}/plugins/$PLUGIN/config.inc.php
%{roundcubepath}/migration/$PLUGIN.inc.php
fi
done
%post
# replace default des string in config file for better security
makedesstr() {
local
chars="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
local max=${#chars}
for i in $(seq 1 24); do
echo "$chars" | dd bs=1 skip=$(($(od -An -d -N2 /dev/urandom) %
$max)) count=1 2>/dev/null
done
echo
}
sed -i "s/rcmail-\!24ByteDESkey\*Str/`makedesstr`/"
%{roundcubeconfigpath}/defaults.inc.php || : &> /dev/null
# enable apache required apache modules
if [ -x /usr/sbin/a2enmod ]; then
a2enmod -q alias || a2enmod alias
a2enmod -q rewrite || a2enmod rewrite
a2enmod -q version || a2enmod version
fi
# restore backed up logs, temp and config
if [ -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/migration/logs ]; then
mkdir -p %{roundcubepath}/migrated
cp %{roundcubepath}/migration/logs/* %{roundcubepath}/logs/.
mv %{roundcubepath}/migration/logs %{roundcubepath}/migrated/.
fi
if [ -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/migration/temp ]; then
mkdir -p %{roundcubepath}/migrated
cp %{roundcubepath}/migration/temp/* %{roundcubepath}/temp/.
mv %{roundcubepath}/migration/temp %{roundcubepath}/migrated/.
fi
if [ -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/migration/SQL ]; then
rm -r %{roundcubepath}/migration/SQL
fi
for PLUGIN in acl managesieve password; do
if [ -f %{roundcubepath}/migration/$PLUGIN.inc.php ] && [ -h
%{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then
cp %{roundcubepath}/migration/$PLUGIN.inc.php
%{roundcubeconfigpath}/.
mv %{roundcubepath}/migration/$PLUGIN.inc.php
%{roundcubepath}/migrated/$PLUGIN.inc.php
fi
done
for MIGDIR in migration migrated; do
if [ -d %{roundcubepath}/$MIGDIR ]; then
find %{roundcubepath}/$MIGDIR -empty -delete
fi
if [ -d %{roundcubepath}/$MIGDIR ]; then
echo "Found %{roundcubepath}/$MIGDIR! Make sure you delete this folder
after checking the migration!"
fi
done
# update/make new config
if [ ! -f %{roundcubeconfigpath}/config.inc.php ]; then
if [ -f %{roundcubeconfigpath}/main.inc.php ] && [ -f
%{roundcubeconfigpath}/db.inc.php ]; then
%{roundcubepath}/bin/update.sh \
--version '?' \
--accept
else
cp %{roundcubeconfigpath}/config.inc.php.sample
%{roundcubeconfigpath}/config.inc.php
fi
fi
exit 0
%files
%defattr(0644, root, root,0755)
%doc CHANGELOG
%doc LICENSE
%doc README.md
%doc README.openSUSE
%doc UPGRADING
%doc SQL/
%dir %{roundcubepath}
%dir %{roundcubeconfigpath}
%ghost %config(noreplace) %{roundcubeconfigpath}/config.inc.php
%config(noreplace) %{roundcubeconfigpath}/acl.inc.php
%config(noreplace) %{roundcubeconfigpath}/managesieve.inc.php
%config(noreplace) %{roundcubeconfigpath}/password.inc.php
%config %{roundcubeconfigpath}/config.inc.php.sample
%config %{roundcubeconfigpath}/defaults.inc.php
%config %{roundcubeconfigpath}/mimetypes.php
%config(noreplace) %{apache_sysconfdir}/conf.d/roundcubemail.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{roundcubepath}/composer.json-dist
%{roundcubepath}/config
%{roundcubepath}/index.php
%{roundcubepath}/robots.txt
%dir %{roundcubepath}/bin
%attr(0755,root,root) %{roundcubepath}/bin/*.sh
%{roundcubepath}/installer/
%{roundcubepath}/logs
%ghost %{roundcubepath}/migrated/
%ghost %{roundcubepath}/migration/
%{roundcubepath}/public_html/
%{roundcubepath}/plugins/
%{roundcubepath}/program/
%{roundcubepath}/skins/
%{roundcubepath}/SQL
%{roundcubepath}/temp
%{roundcubepath}/vendor/
%dir %{_datadir}/php%{php_major_version}
%{_datadir}/php%{php_major_version}/Roundcube/
%attr(-, wwwrun, root) %{_localstatedir}/log/%{name}
%attr(-, wwwrun, root) %{_localstatedir}/lib/%{name}
# RW need for PGP plugin
%attr(0700, wwwrun, root) %dir %{roundcubepath}/plugins/enigma/home
%changelog
++++++ README.openSUSE ++++++
This README contains additional information specific to the
openSUSE package of roundcube.
INSTALLATION
============
This application is packaged to integrate with Apache and MySQL but
it can basically run with every webserver being able to run PHP and
also use other SQL based database engines.
After installation of the package the application will immediately
be reachable from everywhere once Apache is enabled under the URL
http://IP-ADDRESS/roundcubemail
The configuration is copied from the example config files from the
package and therefore not really working.
First step is to prepare the MySQL database for Roundcube:
Setting up the mysql database can be done by creating an empty database,
importing the table layout and granting the proper permissions to the
roundcube user. Here is an example of that procedure:
# mysql
> CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE
> utf8_general_ci */;
> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost
IDENTIFIED BY 'password';
> quit
# mysql roundcubemail <
/usr/share/doc/packages/roundcubemail/SQL/mysql.initial.sql
Note 1: 'password' is the master password for the roundcube user. It is strongly
recommended you replace this with a more secure password. Please keep in
mind: You need to specify this password later in
'/etc/roundcubemail/db.inc.php'.
To use the integrated web based installer you need to enable it first
in /etc/roundcubemail/config.inc.php:
$rcmail_config['enable_installer'] = true;
IMPORTANT: This MUST be disabled again after installation is finished
for SECURITY reasons
and then access
http://IP-ADDRESS/roundcubemail/installer
to finish the installation.
++++++ robots.txt ++++++
User-agent: *
Disallow: /
++++++ roundcubemail-1.1-beta-config_dir.patch ++++++
diff -Naur roundcubemail-1.3.4.orig/program/include/iniset.php
roundcubemail-1.3.4/program/include/iniset.php
--- roundcubemail-1.3.4.orig/program/include/iniset.php 2018-01-14
14:00:51.000000000 +0100
+++ roundcubemail-1.3.4/program/include/iniset.php 2018-02-04
23:47:34.217834831 +0100
@@ -29,7 +29,7 @@
}
if (!defined('RCMAIL_CONFIG_DIR')) {
- define('RCMAIL_CONFIG_DIR', INSTALL_PATH . 'config');
+ define('RCMAIL_CONFIG_DIR', '/etc/roundcubemail');
}
if (!defined('RCUBE_LOCALIZATION_DIR')) {
++++++ roundcubemail-httpd.conf ++++++
# You might want to set up a virtual host for the server, but it is
# not a requirement. You can as well reach the server under its
# common name under https://yourroundcubeserver.example.com/
#
# NameVirtualHost *
# <VirtualHost *>
# ServerName yourroundcubeserver.example.com
# DocumentRoot __ROUNDCUBEPATH__
<IfModule mod_alias.c>
Alias /roundcubemail "__ROUNDCUBEPATH__/public_html"
</IfModule>
# AddDefaultCharset UTF-8
AddType text/x-component .htc
<Directory "__ROUNDCUBEPATH__/public_html">
<IfModule mod_version.c>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order allow,deny
Allow from all
</IfModule>
<IfModule mod_php5.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
#php_value session.hash_function sha256
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
</IfModule>
<IfModule mod_php7.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
#php_value session.hash_function sha256
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
</IfModule>
<IfModule mod_rewrite.c>
Options +SymLinksIfOwnerMatch
RewriteEngine On
RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
# security rules:
# - deny access to files not containing a dot or starting with a dot
# in all locations except installer directory
RewriteRule ^(?!installer|\.well-known\/|[a-f0-9]{16})(\.?[^\.]+)$ - [F]
# - deny access to some locations
RewriteRule
^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))
- [F]
# - deny access to composer binaries
RewriteRule ^/vendor\/bin\/.* - [F]
# - deny access to some documentation files
RewriteRule
/?(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$ - [F]
# security rules
</IfModule>
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>
<IfModule mod_headers.c>
#Header merge Cache-Control public env=!NO_CACHE
# for better privacy/security ask browsers to not set the Referer
#Header set Content-Security-Policy "referrer no-referrer"
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</IfModule>
FileETag MTime Size
<IfModule mod_autoindex.c>
Options -Indexes
</ifModule>
</Directory>
#
# Special directories
#
<Directory "__ROUNDCUBEPATH__">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/bin">
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/config">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/logs">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/migration">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/migrated">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/plugins/enigma/home">
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/program">
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule !^js|.*\.gif$ - [F]
</IfModule>
</Directory>
<Directory "__ROUNDCUBEPATH__/temp">
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
#
# </VirtualHost>
++++++ roundcubemail-rpmlintrc ++++++
addFilter("E: devel-file-in-non-devel-package")
++++++ roundcubemail.logrotate ++++++
/var/log/roundcubemail/console /var/log/roundcubemail/errors
/var/log/roundcubemail/imap /var/log/roundcubemail/ldap
/var/log/roundcubemail/sendmail /var/log/roundcubemail/sieve
/var/log/roundcubemail/smtp /var/log/roundcubemail/sql
/var/log/roundcubemail/userlogins {
missingok
compress
notifempty
size 30k
su wwwrun www
create 0660 wwwrun www
}