Hello community, here is the log from the commit of package roundcubemail.14126 for openSUSE:Leap:15.2:Update checked in at 2020-09-24 14:21:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/roundcubemail.14126 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "roundcubemail.14126" Thu Sep 24 14:21:18 2020 rev:1 rq:835789 version:1.3.15 Changes: -------- New Changes file: --- /dev/null 2020-09-10 00:27:47.435250138 +0200 +++ /work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249/roundcubemail.changes 2020-09-24 14:21:20.192676116 +0200 @@ -0,0 +1,1455 @@ +------------------------------------------------------------------- +Thu Aug 13 01:05:30 UTC 2020 - Lars Vogdt <l...@linux-schulserver.de> + +- Upgrade to 1.3.15 + This is a security update to the LTS version 1.3. (bsc#1175135) + * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145] + * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content + From 1.3.14 (bsc#1173792 -> CVE-2020-15562) + * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace + From 1.3.13 + * Installer: Fix regression in SMTP test section (#7417) + From 1.3.12 + * Security: Better fix for CVE-2020-12641 (bsc#1171148) + * Security: Fix XSS issue in template object 'username' (#7406) + * Security: Fix couple of XSS issues in Installer (#7406) + * Security: Fix cross-site scripting (XSS) via malicious XML attachment + From 1.3.11 (bsc#1171148 -> CVE-2020-12641 bsc#1171040 -> CVE-2020-12625 bsc#1171149 -> CVE-2020-12640) + * Enigma: Fix compatibility with Mail_Mime >= 1.10.5 + * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930) + * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980) + * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991) + * Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003) + * Security: Fix XSS issue in handling of CDATA in HTML messages + * Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings + * Security: Fix local file inclusion (and code execution) via crafted 'plugins' option + * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302) + From 1.3.10 (bsc#1146286) + * Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723) + * Enigma: Fix bug where revoked users/keys were not greyed out in key info + * Enigma: Fix error message when trying to encrypt with a revoked key (#6607) + * Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638) + * Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785) + * Fix bug where bmp images couldn't be displayed on some systems (#6728) + * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744) + * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758) + * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746) + * Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793) + * Fix bug where selection of columns on messages list wasn't working + * Fix bug in converting multi-page Tiff images to Jpeg (#6824) + * Fix wrong messages order after returning to a multi-folder search result (#6836) + * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866) + * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898) + * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899) + * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897) + * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) + From 1.3.9 (bsc#1115718) + * Fix TinyMCE download location (#6694) + * Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494) + * Fix handling of empty entries in vCard import (#6564) + * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577) + * Fix PHP 7.2 compatibility in debug_logger plugin (#6586) + * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) + * Fix so mime_content_type check in Installer uses files that should always + be available (i.e. from program/resources) (#6599) + * Fix missing CSRF token on a link to download too-big message part (#6621) + * Fix bug when aborting dragging with ESC key didn't stop the move action (#6623) + * Fix bug where next row wasn't selected after deleting a collapsed thread (#6655) + From 1.3.8 + * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374) + * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383) + * Enigma: Fix deleting keys with authentication subkeys (#6381) + * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398) + * Fix so Classic skin splitter does not escape out of window (#6397) + * Fix XSS issue in handling invalid style tag content (#6410) + * Fix compatibility with MySQL 8 - error on 'system' table use + * Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422) + * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419) + * Fix support for "allow-from <uri>" in "x_frame_options" config option (#6449) + * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) + * Fix multiple VCard field search (#6466) + * Fix session issue on long running requests (#6470) + From 1.3.7 (bsc#1115719) + * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) + * Fix bug where some parts of quota information could have been ignored (#6280) + * Fix bug where some escape sequences in html styles could bypass security checks + * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names + * Fix bug where only attachments with the same name would be ignored on zip download (#6301) + * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) + * Fix bug where after "mark all folders as read" action message counters were not reset (#6307) + * Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) + * Fix bug where some HTML comments could have been malformed by HTML parser (#6333) + +------------------------------------------------------------------- +Fri Apr 13 06:40:00 UTC 2018 - kbabi...@suse.com + +- Upgrade to version 1.3.6 + * Fix parsing date strings (e.g. from a Date: mail header) with comments + * Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker + * Fix possible IMAP command injection and type juggling vulnerabilities + * Enigma: Fix key selection for signing + * Enigma: Enable keypair generation on Internet Explorer 11 + * Fix check_request() bypass in places using get_uids() (CVE-2018-9846 boo#1067574) + * Fix bug where usernames without domain part could be malformed or converted to lower-case on logon + +------------------------------------------------------------------- +Fri Mar 16 08:57:47 UTC 2018 - joop.boo...@opensuse.org + +- Upgrade to version 1.3.5 + * Added new skin with mobile support - the Elastic + * Support Redis cache + * Improved Mailvelope integration + - Added private key listing and generating to identity settings + - Enable encrypt & sign option if Mailvelope supports it + * Update to jQuery-3.3.1 + * vcard_attachments: Add possibility to send contact vCard from Contacts toolbar (#6080) + * Add More actions button in Contacts toolbar with Copy/Move actions (#6081) + * Display an error when clicking disabled link to register protocol handler (#6079) + * Add option trusted_host_patterns (#6009, #5752) + * Support SMTPUTF8 and relax email address validation to support unicode in local part (#5120) + * Support additional connect parameters in PostgreSQL database wrapper + * Use UI dialogs instead of confirm() and alert() where possible + * Display value of the SMTP message size limit in the error message (#6032) + * Skip redundant INSERT query on successful logon when using PHP7 + * Replace display_version with display_product_version (#5904) + * Extend disabled_actions config so it accepts also button names (#5903) + * Handle remote stylesheets the same as remote images, ask the user to allow them (#5994) + * Add Message-ID to the sendmail log (#5871) + * Managesieve: Add ability to disable filter sets and other actions (#5496, #5898) + * Managesieve: Add option managesieve_forward to enable settings dialog for simple forwarding (#6021) + * Managesieve: Support filter action with custom IMAP flags (#6011) + * Managesieve: Support 'mime' extension tests - RFC5703 (#5832) + * Managesieve: Support GSSAPI authentication with krb_authentication plugin (#5779) + * Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587) + * Composer: Fix certificate validation errors by using packagist only (#5148) + * Enigma: Add button to send mail unencrypted if no key was found (#5913) + * Enigma: Add options to set PGP cipher/digest algorithms (#5645) + * Enigma: Multi-host support + * Add --get and --extract arguments and CACHEDIR env-variable support to install-jsdeps.sh (#5882) + * Update to jquery-minicolors 2.2.6 + * Support _filter and _scope as GET arguments for opening mail UI (#5825) + * Support for IMAP folders that cannot contain both folders and messages (#5057) + * Added .user.ini file for php-fpm (#5846) + * Email Resent (Bounce) feature (#4985) + * Various improvements for templating engine and skin behaviours + - Support conditional include + - Support for 'link' objects + - Support including files with path relative to templates directory + - Use <button> instead of <input> for submit button on logon screen + * Reset onerror on images if placeholder does not exist to prevent from requests storm + * Unified and simplified code for loading content frame for responses and identities + * Display contact import and advanced search in popup dialogs + * Make possible to set (some) config options from a skin + * Added optional checkbox selection for the list widget + * Make 'compose' command always enabled + * Add .log suffix to all log file names, add option log_file_ext to control this (#313) + * Archive: Fix archiving by sender address on cyrus-imap + * Archive: Style Archive folder also on folder selector and folder manager lists + * Archive: Add Thunderbird compatible Month option (#5623) + * Return "401 Unauthorized" status when login fails (#5663) + * Support both comma and semicolon as recipient separator, drop recipients_separator option (#5092) + * Plugin API: Added 'show_bytes' hook (#5001) + * subscriptions_option: show \\Noselect folders greyed out (#5621) + * Add option to not indent quoted text on top-posting reply (#5105) + * Removed global $CONFIG variable + * Password: Support host variables in password_db_dsn option (#5955) + * Password: Automatic virtualmin domain setting, removed password_virtualmin_format option (#5759) + * Support AUTHENTICATE LOGIN for IMAP connections (#5563) + * Support LDAP GSSAPI authentication (#5703) + * Allow contacts without an email address (#5079) + * Localized timezone selector (#4983) + * Use 7bit encoding for ISO-2022-* charsets in sent mail (#5640) + * Handle inline images also inside multipart/mixed messages (#5905) + * Fix bug where attachment size wasn't visible when the filename was too long (#6033) + * Fix checking table columns when there's more schemas/databases in postgres/mysql (#6047) + * Fix css conflicts in user interface and e-mail content (#5891) + * Fix duplicated signature when using Back button in Chrome (#5809) + * Fix touch event issue on messages list in IE/Edge (#5781) + * Fix so links over images are not removed in plain text signatures converted from HTML (#4473) + * Fix various issues when downloading files with names containing non-ascii chars, use RFC 2231 (#5772) + * Managesieve: Fix bug where text: syntax was forced for strings longer than 1024 characters (#6143) + * Managesieve: Fix missing Save button in Edit Filter Set page of Classic skin (#6154) + * Fix duplicated labels in Test SMTP Config section (#6166) + * Fix PHP Warning: exif_read_data(...): Illegal IFD size (#6169) + * Enigma: Fix key generation in Safari by upgrade to OpenPGP 2.6.2 (#6149) + * Fix security issue in remote content blocking on HTML image and style tags (#6178) + * Added 9pt and 11pt to the list of font sizes in HTML editor + * Fix handling encoding of HTML tags in "inline" JSON output (#6207) + * Fix bug where some unix timestamps were not handled correctly by rcube_utils::anytodatetime() (#6212) + +------------------------------------------------------------------- +Fri Feb 16 08:06:57 UTC 2018 - ec...@opensuse.org + +- fix rights for enigma plugin + +------------------------------------------------------------------- +Mon Feb 5 19:14:45 UTC 2018 - jeng...@inai.de + +- Trim bias from description. +- Replace %__-type macro indirections. +- Avoid bashisms in build logic. + +------------------------------------------------------------------- +Sun Feb 4 22:36:44 UTC 2018 - joop.boo...@opensuse.org + +- Upgrade to version 1.3.4 +- RELEASE 1.3.4 + * Fix bug where contacts search could skip some records (#6130) ++++ 1258 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:Leap:15.2:Update/.roundcubemail.14126.new.4249/roundcubemail.changes New: ---- README.openSUSE robots.txt roundcubemail-1.1-beta-config_dir.patch roundcubemail-1.3.15-complete.tar.gz roundcubemail-1.3.15-complete.tar.gz.asc roundcubemail-httpd.conf roundcubemail-rpmlintrc roundcubemail.changes roundcubemail.keyring roundcubemail.logrotate roundcubemail.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ roundcubemail.spec ++++++ # # spec file for package roundcubemail # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: roundcubemail Version: 1.3.15 Release: 0 Summary: A browser-based multilingual IMAP client License: GPL-3.0-or-later AND GPL-2.0-only AND BSD-3-Clause Group: Productivity/Networking/Email/Clients Url: https://www.roundcube.net/ Source0: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz Source1: %{name}-rpmlintrc Source2: %{name}-httpd.conf Source4: README.openSUSE Source5: %{name}.logrotate Source6: https://roundcube.net/download/pubkey.asc#/%{name}.keyring Source7: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc Source8: robots.txt # PATCH-FIX-OPENSUSE roundcubemail-1.1-beta-config_dir.patch -- use the general config directory /etc Patch0: %{name}-1.1-beta-config_dir.patch BuildArch: noarch BuildRequires: apache2-devel %if 0%{suse_version} >= 1100 BuildRequires: fdupes %endif BuildRequires: pcre-devel BuildRequires: php BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: http_daemon Requires: mod_php_any >= 5.3 Requires: php-dom Requires: php-exif Requires: php-gettext Requires: php-iconv Requires: php-json Requires: php-mbstring Requires: php-openssl Requires: php-session Requires: php-sockets Requires: php_any_db ## Requires: for upstream dep package Requires: php-pear-Auth_SASL >= 1.0.6 Requires: php-pear-MDB2_Driver_mysqli Requires: php-pear-Mail_Mime >= 1.9.0 Requires: php-pear-Net_IDNA2 >= 0.1.1 Requires: php-pear-Net_LDAP2 Requires: php-pear-Net_SMTP Requires: php-pear-Net_Sieve >= 1.3.2 Requires: php-pear-Net_Socket Recommends: logrotate Recommends: php-mysql Recommends: php-intl Recommends: php-fileinfo Recommends: php-zip Recommends: php-pear-Crypt_GPG >= 1.2.0 Suggests: apache2 Provides: roundcube_framework = %{version} Conflicts: roundcube-framework %define apache_serverroot %(/usr/sbin/apxs2 -q DATADIR) %define apache_sysconfdir %(/usr/sbin/apxs2 -q SYSCONFDIR) %define roundcubepath %{apache_serverroot}/%{name} %define roundcubeconfigpath %{_sysconfdir}/%{name} %define php_major_version %(php -r "echo PHP_MAJOR_VERSION;") %description Roundcube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides MIME support, address book, folder manipulation, message searching and spell checking. Roundcube Webmail is written in PHP and requires a MySQL database. The user interface is skinnable using XHTML and CSS 2. %prep %setup -q %patch0 -p1 cp %{SOURCE4} . # remove cruft from source archive find . -name ".gitignore" -delete # no need to check .htaccess each time, the apache config takes care of the restrictions find . -name ".htaccess" -delete # remove mssql scripts (not needed on openSUSE) rm -rf \ SQL/mssql/ \ SQL/mssql.*.sql # remove shebang from chpass-wrapper sed -i '1d' plugins/password/helpers/chpass-wrapper.py # remove INSTALL doc rm INSTALL %build %install # install roundcubemail.logrotate install -d -m 0755 %{buildroot}/%{_sysconfdir}/logrotate.d install %{SOURCE5} %{buildroot}/%{_sysconfdir}/logrotate.d/%{name} # extract roundcube-framework install -d -m 0755 %{buildroot}/%{_datadir}/php%{php_major_version} mv program/lib/Roundcube %{buildroot}%{_datadir}/php%{php_major_version}/Roundcube # install roundcubemail install -d -m 0755 %{buildroot}/%{roundcubepath} cp -a * %{buildroot}%{roundcubepath}/ cp %{SOURCE8} %{buildroot}%{roundcubepath}/ ln -s %{roundcubepath}/installer %{buildroot}/%{roundcubepath}/public_html/installer # install config mkdir -p %{buildroot}%{_sysconfdir}/%{name} cp config/* %{buildroot}%{roundcubeconfigpath}/ install %{buildroot}/%{roundcubeconfigpath}/config.inc.php.sample %{buildroot}/%{roundcubeconfigpath}/config.inc.php rm -rf %{buildroot}/%{roundcubepath}/config ln -s %{roundcubeconfigpath} %{buildroot}/%{roundcubepath}/config # logs + temp go into /var/ rm -rf %{buildroot}/%{roundcubepath}/logs \ %{buildroot}%{roundcubepath}/temp install -d %{buildroot}/%{_localstatedir}/log/%{name} \ %{buildroot}%{_localstatedir}/lib/%{name} ln -s %{_localstatedir}/log/%{name}/ %{buildroot}/%{roundcubepath}/logs ln -s %{_localstatedir}/lib/%{name}/ %{buildroot}/%{roundcubepath}/temp # move some plugin configs to /etc/roundcubemail for PLUGIN in acl managesieve password; do if [ -f %{buildroot}/%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist ]; then mv %{buildroot}%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist %{buildroot}%{roundcubeconfigpath}/$PLUGIN.inc.php ln -s %{roundcubeconfigpath}/$PLUGIN.inc.php %{buildroot}/%{roundcubepath}/plugins/$PLUGIN/config.inc.php fi done # install httpd.conf file and adapt the configuration install -d -m 0755 %{buildroot}/%{apache_sysconfdir}/conf.d sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" %{SOURCE2} > %{buildroot}%{apache_sysconfdir}/conf.d/roundcubemail.conf # install docs install -d -m 0755 %{buildroot}/%{_defaultdocdir}/%{name} for i in CHANGELOG UPGRADING LICENSE README.md README.openSUSE SQL; do mv -v %{buildroot}%{roundcubepath}/$i %{buildroot}%{_defaultdocdir}/%{name}/ done # create a link for SQL ln -s %{_defaultdocdir}/%{name}/SQL %{buildroot}/%{roundcubepath}/SQL # Make ghost files mkdir %{buildroot}%{roundcubepath}/migrated mkdir %{buildroot}%{roundcubepath}/migration # fdupes %if 0%{suse_version} >= 1100 %fdupes %{buildroot}%{roundcubepath} %endif %pre # backup logs, temp and config for migration if [ ! -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/logs ]; then mkdir -p %{roundcubepath}/migration mv %{roundcubepath}/logs %{roundcubepath}/migration/. fi if [ ! -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/temp ]; then mkdir -p %{roundcubepath}/migration mv %{roundcubepath}/temp %{roundcubepath}/migration/. fi if [ ! -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/SQL ]; then mkdir -p %{roundcubepath}/migration mv %{roundcubepath}/SQL %{roundcubepath}/migration/. fi for PLUGIN in acl managesieve password; do if [ ! -h %{roundcubepath}/plugins/$PLUGIN/config.inc.php ] && [ -f %{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then mv %{roundcubepath}/plugins/$PLUGIN/config.inc.php %{roundcubepath}/migration/$PLUGIN.inc.php fi done %post # replace default des string in config file for better security makedesstr() { local chars="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" local max=${#chars} for i in $(seq 1 24); do echo "$chars" | dd bs=1 skip=$(($(od -An -d -N2 /dev/urandom) % $max)) count=1 2>/dev/null done echo } sed -i "s/rcmail-\!24ByteDESkey\*Str/`makedesstr`/" %{roundcubeconfigpath}/defaults.inc.php || : &> /dev/null # enable apache required apache modules if [ -x /usr/sbin/a2enmod ]; then a2enmod -q alias || a2enmod alias a2enmod -q rewrite || a2enmod rewrite a2enmod -q version || a2enmod version fi # restore backed up logs, temp and config if [ -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/migration/logs ]; then mkdir -p %{roundcubepath}/migrated cp %{roundcubepath}/migration/logs/* %{roundcubepath}/logs/. mv %{roundcubepath}/migration/logs %{roundcubepath}/migrated/. fi if [ -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/migration/temp ]; then mkdir -p %{roundcubepath}/migrated cp %{roundcubepath}/migration/temp/* %{roundcubepath}/temp/. mv %{roundcubepath}/migration/temp %{roundcubepath}/migrated/. fi if [ -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/migration/SQL ]; then rm -r %{roundcubepath}/migration/SQL fi for PLUGIN in acl managesieve password; do if [ -f %{roundcubepath}/migration/$PLUGIN.inc.php ] && [ -h %{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then cp %{roundcubepath}/migration/$PLUGIN.inc.php %{roundcubeconfigpath}/. mv %{roundcubepath}/migration/$PLUGIN.inc.php %{roundcubepath}/migrated/$PLUGIN.inc.php fi done for MIGDIR in migration migrated; do if [ -d %{roundcubepath}/$MIGDIR ]; then find %{roundcubepath}/$MIGDIR -empty -delete fi if [ -d %{roundcubepath}/$MIGDIR ]; then echo "Found %{roundcubepath}/$MIGDIR! Make sure you delete this folder after checking the migration!" fi done # update/make new config if [ ! -f %{roundcubeconfigpath}/config.inc.php ]; then if [ -f %{roundcubeconfigpath}/main.inc.php ] && [ -f %{roundcubeconfigpath}/db.inc.php ]; then %{roundcubepath}/bin/update.sh \ --version '?' \ --accept else cp %{roundcubeconfigpath}/config.inc.php.sample %{roundcubeconfigpath}/config.inc.php fi fi exit 0 %files %defattr(0644, root, root,0755) %doc CHANGELOG %doc LICENSE %doc README.md %doc README.openSUSE %doc UPGRADING %doc SQL/ %dir %{roundcubepath} %dir %{roundcubeconfigpath} %ghost %config(noreplace) %{roundcubeconfigpath}/config.inc.php %config(noreplace) %{roundcubeconfigpath}/acl.inc.php %config(noreplace) %{roundcubeconfigpath}/managesieve.inc.php %config(noreplace) %{roundcubeconfigpath}/password.inc.php %config %{roundcubeconfigpath}/config.inc.php.sample %config %{roundcubeconfigpath}/defaults.inc.php %config %{roundcubeconfigpath}/mimetypes.php %config(noreplace) %{apache_sysconfdir}/conf.d/roundcubemail.conf %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} %{roundcubepath}/composer.json-dist %{roundcubepath}/config %{roundcubepath}/index.php %{roundcubepath}/robots.txt %dir %{roundcubepath}/bin %attr(0755,root,root) %{roundcubepath}/bin/*.sh %{roundcubepath}/installer/ %{roundcubepath}/logs %ghost %{roundcubepath}/migrated/ %ghost %{roundcubepath}/migration/ %{roundcubepath}/public_html/ %{roundcubepath}/plugins/ %{roundcubepath}/program/ %{roundcubepath}/skins/ %{roundcubepath}/SQL %{roundcubepath}/temp %{roundcubepath}/vendor/ %dir %{_datadir}/php%{php_major_version} %{_datadir}/php%{php_major_version}/Roundcube/ %attr(-, wwwrun, root) %{_localstatedir}/log/%{name} %attr(-, wwwrun, root) %{_localstatedir}/lib/%{name} # RW need for PGP plugin %attr(0700, wwwrun, root) %dir %{roundcubepath}/plugins/enigma/home %changelog ++++++ README.openSUSE ++++++ This README contains additional information specific to the openSUSE package of roundcube. INSTALLATION ============ This application is packaged to integrate with Apache and MySQL but it can basically run with every webserver being able to run PHP and also use other SQL based database engines. After installation of the package the application will immediately be reachable from everywhere once Apache is enabled under the URL http://IP-ADDRESS/roundcubemail The configuration is copied from the example config files from the package and therefore not really working. First step is to prepare the MySQL database for Roundcube: Setting up the mysql database can be done by creating an empty database, importing the table layout and granting the proper permissions to the roundcube user. Here is an example of that procedure: # mysql > CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE > utf8_general_ci */; > GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'password'; > quit # mysql roundcubemail < /usr/share/doc/packages/roundcubemail/SQL/mysql.initial.sql Note 1: 'password' is the master password for the roundcube user. It is strongly recommended you replace this with a more secure password. Please keep in mind: You need to specify this password later in '/etc/roundcubemail/db.inc.php'. To use the integrated web based installer you need to enable it first in /etc/roundcubemail/config.inc.php: $rcmail_config['enable_installer'] = true; IMPORTANT: This MUST be disabled again after installation is finished for SECURITY reasons and then access http://IP-ADDRESS/roundcubemail/installer to finish the installation. ++++++ robots.txt ++++++ User-agent: * Disallow: / ++++++ roundcubemail-1.1-beta-config_dir.patch ++++++ diff -Naur roundcubemail-1.3.4.orig/program/include/iniset.php roundcubemail-1.3.4/program/include/iniset.php --- roundcubemail-1.3.4.orig/program/include/iniset.php 2018-01-14 14:00:51.000000000 +0100 +++ roundcubemail-1.3.4/program/include/iniset.php 2018-02-04 23:47:34.217834831 +0100 @@ -29,7 +29,7 @@ } if (!defined('RCMAIL_CONFIG_DIR')) { - define('RCMAIL_CONFIG_DIR', INSTALL_PATH . 'config'); + define('RCMAIL_CONFIG_DIR', '/etc/roundcubemail'); } if (!defined('RCUBE_LOCALIZATION_DIR')) { ++++++ roundcubemail-httpd.conf ++++++ # You might want to set up a virtual host for the server, but it is # not a requirement. You can as well reach the server under its # common name under https://yourroundcubeserver.example.com/ # # NameVirtualHost * # <VirtualHost *> # ServerName yourroundcubeserver.example.com # DocumentRoot __ROUNDCUBEPATH__ <IfModule mod_alias.c> Alias /roundcubemail "__ROUNDCUBEPATH__/public_html" </IfModule> # AddDefaultCharset UTF-8 AddType text/x-component .htc <Directory "__ROUNDCUBEPATH__/public_html"> <IfModule mod_version.c> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all granted </IfModule> <IfModule mod_access_compat.c> Order allow,deny Allow from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order allow,deny Allow from all </IfModule> <IfModule mod_php5.c> php_flag display_errors Off php_flag log_errors On #php_value error_log logs/errors php_value upload_max_filesize 5M php_value post_max_size 6M php_value memory_limit 64M php_flag register_globals Off php_flag zlib.output_compression Off php_flag magic_quotes_gpc Off php_flag magic_quotes_runtime Off php_flag suhosin.session.encrypt Off #php_value session.cookie_path / #php_value session.hash_function sha256 php_flag session.auto_start Off php_value session.gc_maxlifetime 21600 php_value session.gc_divisor 500 php_value session.gc_probability 1 </IfModule> <IfModule mod_php7.c> php_flag display_errors Off php_flag log_errors On #php_value error_log logs/errors php_value upload_max_filesize 5M php_value post_max_size 6M php_value memory_limit 64M php_flag register_globals Off php_flag zlib.output_compression Off php_flag magic_quotes_gpc Off php_flag magic_quotes_runtime Off php_flag suhosin.session.encrypt Off #php_value session.cookie_path / #php_value session.hash_function sha256 php_flag session.auto_start Off php_value session.gc_maxlifetime 21600 php_value session.gc_divisor 500 php_value session.gc_probability 1 </IfModule> <IfModule mod_rewrite.c> Options +SymLinksIfOwnerMatch RewriteEngine On RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico # security rules: # - deny access to files not containing a dot or starting with a dot # in all locations except installer directory RewriteRule ^(?!installer|\.well-known\/|[a-f0-9]{16})(\.?[^\.]+)$ - [F] # - deny access to some locations RewriteRule ^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F] # - deny access to composer binaries RewriteRule ^/vendor\/bin\/.* - [F] # - deny access to some documentation files RewriteRule /?(README\.md|composer\.json-dist|composer\.json|package\.xml|Dockerfile)$ - [F] # security rules </IfModule> <IfModule mod_deflate.c> SetOutputFilter DEFLATE </IfModule> <IfModule mod_headers.c> #Header merge Cache-Control public env=!NO_CACHE # for better privacy/security ask browsers to not set the Referer #Header set Content-Security-Policy "referrer no-referrer" </IfModule> <IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 month" </IfModule> FileETag MTime Size <IfModule mod_autoindex.c> Options -Indexes </ifModule> </Directory> # # Special directories # <Directory "__ROUNDCUBEPATH__"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/bin"> <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/config"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/logs"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/migration"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/migrated"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/plugins/enigma/home"> <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/program"> <IfModule mod_rewrite.c> RewriteEngine On RewriteRule !^js|.*\.gif$ - [F] </IfModule> </Directory> <Directory "__ROUNDCUBEPATH__/temp"> Options -FollowSymLinks AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order deny,allow Deny from all </IfVersion> <IfVersion >= 2.4> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule mod_access_compat.c> Order deny,allow Deny from all </IfModule> </IfVersion> </IfModule> <IfModule !mod_version.c> Order deny,allow Deny from all </IfModule> </Directory> # # </VirtualHost> ++++++ roundcubemail-rpmlintrc ++++++ addFilter("E: devel-file-in-non-devel-package") ++++++ roundcubemail.logrotate ++++++ /var/log/roundcubemail/console /var/log/roundcubemail/errors /var/log/roundcubemail/imap /var/log/roundcubemail/ldap /var/log/roundcubemail/sendmail /var/log/roundcubemail/sieve /var/log/roundcubemail/smtp /var/log/roundcubemail/sql /var/log/roundcubemail/userlogins { missingok compress notifempty size 30k su wwwrun www create 0660 wwwrun www }