Hello community,
here is the log from the commit of package roundcubemail.5987 for
openSUSE:13.2:Update checked in at 2016-12-07 11:25:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.2:Update/roundcubemail.5987 (Old)
and /work/SRC/openSUSE:13.2:Update/.roundcubemail.5987.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "roundcubemail.5987"
Changes:
--------
New Changes file:
--- /dev/null 2016-10-27 01:54:32.792041256 +0200
+++
/work/SRC/openSUSE:13.2:Update/.roundcubemail.5987.new/roundcubemail.changes
2016-12-07 11:25:45.000000000 +0100
@@ -0,0 +1,806 @@
+-------------------------------------------------------------------
+Tue Nov 29 11:42:02 UTC 2016 - a...@ajaissle.de
+
+- Add roundcubemail-1.0.9-001-acf633c-boo_982003.patch [boo#982003]
[CVE-2016-5103]
+ - Fix XSS issue in href attribute on area tag
+
+- Add roundcubemail-1.0.9-002-7b37ef8-empty_text_1.patch
+ - Avoid sending completely empty text parts for multipart/alternative
messages
+
+- Add roundcubemail-1.0.9-003-f1ca20d-empty_text_2.patch
+ - Don't create multipart/alternative messages with empty text/plain part
+
+- Add roundcubemail-1.0.9-004-1e275ac-boo_1001856.patch [boo#1001856]
+ - Wash position:fixed style in HTML mail for better security
+
+- Add roundcubemail-1.0.9-005-dc0c606-changelog.patch
+ - Update changelog
+
+- Add roundcubemail-1.0.9-006-5d2aaa6-_from_argument.patch
+ - Fix _from argument validation
+
+- Add roundcubemail-1.0.9-007-a54dde8-boo_1012493.patch [boo#1012493]
+ - Fix vulnerability in handling of mail()'s 5th argument
+
+-------------------------------------------------------------------
+Thu Aug 11 16:15:09 UTC 2016 - a...@ajaissle.de
+
+- Update to 1.0.9
+ - Fix a regression where some contact data was missing in export and PHP
warnings were logged (Kolab #4522)
+ - Enable use of TLSv1.1 and TLSv1.2 for IMAP (#4955)
+ - Fix XSS issue in SVG images handling (#4949) [CVE-2015-8864] [boo#976988]
+ - Fix (again) security issue in DBMail driver of password plugin
[CVE-2015-2181] (#4958)
+ - Fix bug where Archive/Junk buttons were not active after page jump with
select=all mode (#4961)
+ - Fix bug in long recipients list parsing for cases where recipient name
contained @-char (#4964)
+ - Fix additional_message_headers plugin compatibility with Mail_Mime >= 1.9
(#4966)
+ - Hide DSN option in Preferences when smtp_server is not used (#4967)
+
+-------------------------------------------------------------------
+Fri Jan 15 11:40:56 UTC 2016 - a...@ajaissle.de
+
+- Update to 1.0.8
+ - Add workaround for https://bugs.php.net/bug.php?id=70757 (#1490582)
+ - Fix HTML sanitizer to skip <!-- node type X --> in output (#1490583)
+ - Fix charset encoding of message/rfc822 part bodies (#1490606)
+ - Fix handling of message/rfc822 attachments on replies and forwards
(#1490607)
+ - Fix PDF support detection in Firefox > 19 (#1490610)
+ - Fix path traversal vulnerability (CWE-22) in setting a skin (#1490620)
[CVE-2015-8770] [bnc#962067]
+ - Fix so drag-n-drop of text (e.g. recipient addresses) on compose page
actually works (#1490619)
+ - Fix .htaccess rewrite rules to not block .well-known URIs (#1490615)
+- Updated apache2 config
+
+-------------------------------------------------------------------
+Fri Oct 23 11:55:15 UTC 2015 - a...@ajaissle.de
+
+- Changed roundcubemail-httpd.conf
+- Enable mod_version.c per default [boo#938840]
+
+-------------------------------------------------------------------
+Tue Sep 15 10:28:33 UTC 2015 - a...@ajaissle.de
+
+- Update to 1.0.7
+ Get rid of Mail_mimeDecode package dependency (#1490416)
+ Fix compatibility with Net_SMTP > 1.6.3 and Mail_Mime >= 1.9.0
+ Fix SQL error on logout when using session_storage=php (#1490421)
+ Fix so plain text signature field uses monospace font (#1490435)
+ Fix draft removal after a message is sent and storing sent message is
disabled (#1490467)
+ Fix handling of plus character in mailto: links (#1490510)
+ Fix so adding CC/BCC recipients from the sidebar unhides compose form
fields in Classic skin (#1490472)
+ Fix so gc.sh script removes also expired sessions from sql database
(#1490512)
+ Fix support for Mozilla-based browsers, e.g. Pale Moon (#1490517)
+ Fix various issues with Turkish (and similar) locales (#1490519)
+ Fix so In-Reply-To header is set also for MDN receipts (#1490523)
+ Fix XSS issue in drag-n-drop file uploads (#1490530)
+ Fix issue where Content-Length of some attachments could be set to wrong
value causing browser errors (#1490482)
+
+-------------------------------------------------------------------
+Sat Jun 6 18:35:27 UTC 2015 - a...@ajaissle.de
+
+- Update to 1.0.6
+ Make SMTP error log more verbose - include server response and error code
+ Fix rows count when messages search fails (#1490266)
+ Fix security issue in DBMail driver of password plugin (#1490261)
+ Fix handling of some improper constructs in format=flowed text as per the
RFC3676[4.5] (#1490284)
+ Fix missing or not up-to-date CATEGORIES entry in vCard export (#1490277)
+ Fix duplicate entry on timezones list in
rcube_config::timezone_name_from_abbr() (#1490293)
+ Fix handling of %-encoded entities in mailto: URLs (#1490346)
+ Fix bug where messages count was not updated after message move/delete
with skip_deleted=false (#1490372)
+ Fix security issue in contact photo handling (#1490379)
+ Fix bug where database_attachments_cache setting was not working
+ Fix attached file path unsetting in database_attachments plugin (#1490393)
+ Fix issues when using moduserprefs.sh without --user argument (#1490399)
+
+-------------------------------------------------------------------
+Sun Feb 1 12:33:22 UTC 2015 - a...@ajaissle.de
+
+- Update to 1.0.5 (bnc#915789)
+ Fix bug where some valid text in a message was handled as uuencoded
attachment
+ Fix wrong icon for download button in classic skin
+ Fix bug where sent message was saved in Sent folder even if disabled by
user (#1490208)
+ Fix checks based on window.ActiveXObject in IE > 10
+ Fix XSS issue in style attribute handling (#1490227) (CVE-2015-1433)
+ Fix bug where Drafts list wasn't updated on draft-save action in new
window (#1490225)
+ Fix so "set as default" option is hidden if identities_level > 1 (#1490226)
+ Fix bug where search was reset after returning from compose visited for
reply
+ Fix javascript error in "IE 8.0/Tablet PC" browser (#1490210)
+ Fix bug where empty fieldmap config entries caused empty results of ldap
search (#1490229)
+
+-------------------------------------------------------------------
+Thu Dec 18 17:28:40 UTC 2014 - a...@ajaissle.de
+
+- Update to 1.0.4
+ Disable TinyMCE contextmenu plugin as there are more cons than pros in
using it (#1490118)
+ Fix bug where show_real_foldernames setting wasn't honored on compose page
(#1490153)
+ Fix issue where Archive folder wasn't protected in Folder Manager
(#1490154)
+ Fix compatibility with PHP 5.2. in rcube_imap_generic (#1490115)
+ Fix setting flags on servers with no PERMANENTFLAGS response (#1490087)
+ Fix regression in SHAA password generation in ldap driver of password
plugin (#1490094)
+ Fix displaying of HTML messages with absolutely positioned elements in
Larry skin (#1490103)
+ Fix font style display issue in HTML messages with styled <span> elements
(#1490101)
+ Fix download of attachments that are part of TNEF message (#1490091)
+ Fix handling of uuencoded messages if messages_cache is enabled (#1490108)
+ Fix handling of base64-encoded attachments with extra spaces (#1490111)
+ Fix handling of UNKNOWN-CTE response, try do decode content client-side
(#1490046)
+ Fix bug where creating subfolders in shared folders wasn't possible
without ACL extension (#1490113)
+ Fix reply scrolling issue with text mode and start message below the quote
(#1490114)
+ Fix possible issues in skin/skin_path config handling (#1490125)
+ Fix lack of delimiter for recipient addresses in smtp_log (#1490150)
+ Fix generation of Blowfish-based password hashes (#1490184)
+ Fix bugs where CSRF attacks were still possible on some requests
+
+-------------------------------------------------------------------
+Sat Nov 08 20:02:00 UTC 2014 - Led <led...@gmail.com>
+
+- fix bashisms in post scripts
+
+-------------------------------------------------------------------
+Mon Sep 29 17:23:39 UTC 2014 - a...@ajaissle.de
+
+- Update to 1.0.3
+ Fix insert-signature command in external compose window if opened from
inline compose screen (#1490074)
+ Initialize HTML editor before restoring a message from localStorage
(#1490016)
+ Add 'sig_max_lines' config option to default config file (#1490071)
+ Add option to specify IMAP connection socket parameters -
imap_conn_options (#1489948)
+ Add option to set default message list mode - default_list_mode (#1487312)
+ Enable contextmenu plugin for TinyMCE editor (#1487014)
+ Fix some mime-type to extension mapping checks in Installer (#1489983)
+ Fix errors when using localStorage in Safari's private browsing mode
(#1489996)
+ Fix bug where $Forwarded flag was being set even if server didn't support
it (#1490000)
+ Fix various iCloud vCard issues, added fallback for external photos
(#1489993)
+ Fix invalid Content-Type header when send_format_flowed=false (#1489992)
+ Fix errors when adding/updating contacts in active search (#1490015)
+ Fix incorrect thumbnail rotation with GD and exif orientation data
(#1490029)
+ Fix contacts list update after adding/deleting/moving a contact (#1490028,
#1490033)
+ Fix handling of email addresses with quoted domain part (#1490040)
+ Fix comm_path update on task switch (#1490041)
+ Fix error in MSSQL update script 2013061000.sql (#1490061)
+ Fix validation of email addresses with IDNA domains (#1490067)
+
+-------------------------------------------------------------------
+Sun Jul 20 23:14:51 UTC 2014 - a...@ajaissle.de
+
+- Update to 1.0.2
+ * Fix storing unsaved drafts in localStorage (#1489818)
+ * Fix redundant horizontal scrollbar in HTML editor (#1489950)
+ * Fix PHP error in Preferences when default_folders was in dont_override
(#1489940)
+ * Add configurable LDAP_OPT_DEREF option (#1489864)
+ * Fix unintentional draft autosave request if autosave is disabled (#1489882)
+ * Fix malformed References: header in send/saved mail (#1489891)
+ * Fix handling unicode characters in links (#1489898)
+ * Fix incorrect handling of HTML comments in messages sanitization code
(#1489904)
+ * Fix so current page is reset on list-mode change (#1489907)
+ * Fix so responses menu hides on click in classic skin (#1489915)
+ * Fix unintentional line-height style modification in HTML messages
(#1489917)
+ * Fix broken normalize_string(), add support for ISO-8859-2 (#1489918)
+ * Support csv contacts import in German localization (#1489920)
+ * Fix so message list and counters are updated when a message is opened in
new window (#1489919)
+ * Fix malformed recipient name when composing a message by clicking on
mailto link (#1489942)
+ * Fix list reload after sending message in another window (#1489931)
+ * Fix so address format errors are ignored when saving a draft (#1489954)
+ * Fix incorrect label translation in return receipt (#1489963)
+ * Fix security issue in delete-response action - allow only ajax request
+ * Fix Delete button state after deleting identity/response (#1489972)
+ * Fix bug where contacts with no email address were listed on compose
addressbook (#1489970)
+ * Fix images import from various vCard formats (#1489977)
+ * Fix sorting messages by size on servers without SORT capability (#1489981)
+
+-------------------------------------------------------------------
+Mon Jun 23 20:26:06 UTC 2014 - jam...@vicidial.com
+
+- Modify roundcubemail-httpd.conf for OpenSuSE v.13.1 apache2
+ o Apache2 on OpenSuSE v.13.1 has the mod_access_compat.c module
+ statically compiled into the Apache2 core. This means it can't
+ be unloaded and the older pre-2.4 access directives must be
+ used. Since it is not advised to mix pre and post 2.4 access
+ methods the file had to be modified to look for this static
+ module and load pre-2.4 directives if found on Apache 2.4. It
+ should be forward compatible if the mod_access_compat.c module
++++ 609 more lines (skipped)
++++ between /dev/null
++++ and
/work/SRC/openSUSE:13.2:Update/.roundcubemail.5987.new/roundcubemail.changes
New:
----
README.openSUSE
roundcubemail-0.9.1_config-dir.patch
roundcubemail-1.0.9-001-acf633c-boo_982003.patch
roundcubemail-1.0.9-002-7b37ef8-empty_text_1.patch
roundcubemail-1.0.9-003-f1ca20d-empty_text_2.patch
roundcubemail-1.0.9-004-1e275ac-boo_1001856.patch
roundcubemail-1.0.9-005-dc0c606-changelog.patch
roundcubemail-1.0.9-006-5d2aaa6-_from_argument.patch
roundcubemail-1.0.9-007-a54dde8-boo_1012493.patch
roundcubemail-1.0.9.tar.gz
roundcubemail-httpd.conf
roundcubemail-rpmlintrc
roundcubemail.changes
roundcubemail.logrotate
roundcubemail.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ roundcubemail.spec ++++++
#
# spec file for package roundcubemail
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: roundcubemail
Version: 1.0.9
Release: 0
Summary: A modern browser-based multilingual IMAP client
License: GPL-3.0+ and GPL-2.0 and BSD-3-Clause
Group: Productivity/Networking/Email/Clients
Url: http://www.roundcube.net/
Source0: %{name}-%{version}.tar.gz
Source1: %{name}-rpmlintrc
Source2: %{name}-httpd.conf
Source4: README.openSUSE
Source5: %{name}.logrotate
Source100: %{name}-rpmlintrc
# PATCH-FIX-OPENSUSE roundcubemail-0.9.1_config-dir.patch -- use the general
config directory /etc
Patch0: %{name}-0.9.1_config-dir.patch
# PATCH-FIX-UPSTREAM -- Fix XSS issue in href attribute on area tag
Patch001: %{name}-1.0.9-001-acf633c-boo_982003.patch
# PATCH-FIX-UPSTREAM -- Avoid sending completely empty text parts for
multipart/alternative messages
Patch002: %{name}-1.0.9-002-7b37ef8-empty_text_1.patch
# PATCH-FIX-UPSTREAM -- Don't create multipart/alternative messages with empty
text/plain part
Patch003: %{name}-1.0.9-003-f1ca20d-empty_text_2.patch
# PATCH-FIX-UPSTREAM -- Wash position:fixed style in HTML mail for better
security
Patch004: %{name}-1.0.9-004-1e275ac-boo_1001856.patch
# PATCH-FIX-UPSTREAM -- Update changelog
Patch005: %{name}-1.0.9-005-dc0c606-changelog.patch
# PATCH-FIX-UPSTREAM -- Fix _from argument validation
Patch006: %{name}-1.0.9-006-5d2aaa6-_from_argument.patch
# PATCH-FIX-UPSTREAM -- Fix vulnerability in handling of mail()'s 5th argument
Patch007: %{name}-1.0.9-007-a54dde8-boo_1012493.patch
BuildArch: noarch
BuildRequires: apache2-devel
%if 0%{suse_version} >= 1100
BuildRequires: fdupes
%endif
BuildRequires: pcre-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: http_daemon
Requires: mod_php_any >= 5.3
Requires: php-dom
Requires: php-exif
Requires: php-gettext
Requires: php-iconv
Requires: php-json
Requires: php-mbstring
Requires: php-mcrypt
Requires: php-openssl
Requires: php-sockets
Requires: php_any_db
## Requires: for upstream dep package
Requires: php-pear-Auth_SASL >= 1.0.6
Requires: php-pear-MDB2_Driver_mysqli
Requires: php-pear-Mail_Mime >= 1.8.1
Requires: php-pear-Net_IDNA2 >= 0.1.1
Requires: php-pear-Net_LDAP2
Requires: php-pear-Net_SMTP
Requires: php-pear-Net_Sieve
Requires: php-pear-Net_Socket
Recommends: logrotate
Recommends: php-mysql
Recommends: php-intl
Recommends: php-fileinfo
Recommends: php-zip
Recommends: php-pear-Crypt_GPG >= 1.2.0
Provides: roundcube_framework = %{version}
Conflicts: roundcube-framework
%define apache_serverroot %(/usr/sbin/apxs2 -q DATADIR)
%define apache_sysconfdir %(/usr/sbin/apxs2 -q SYSCONFDIR)
%define roundcubepath %{apache_serverroot}/%{name}
%define roundcubeconfigpath %{_sysconfdir}/%{name}
%description
Roundcube Webmail is a browser-based multilingual IMAP client with an
application-like user interface. It provides full functionality you
expect from an e-mail client, including MIME support, address book,
folder manipulation, message searching and spell checking.
Roundcube Webmail is written in PHP and requires the MySQL database.
The user interface is fully skinnable using XHTML and CSS 2.
%prep
%setup -q
%patch0 -p1
%patch001 -p1
%patch002 -p1
%patch003 -p1
%patch004 -p1
%patch005 -p1
%patch006 -p1
%patch007 -p1
cp %{SOURCE4} .
# remove cruft from source archive
find . -name ".gitignore" -delete
# no need to check .htaccess each time, the apache config takes care of the
restrictions
find . -name ".htaccess" -delete
# remove external libraries
%{__rm} -rf \
program/lib/Auth/ \
program/lib/Mail/ \
program/lib/Net/ \
program/lib/PEAR*
# remove mssql scripts (not needed on openSUSE)
%{__rm} -rf \
SQL/mssql/ \
SQL/mssql.*.sql
# remove shebang from chpass-wrapper
sed -i '1d' plugins/password/helpers/chpass-wrapper.py
# remove INSTALL doc
%{__rm} INSTALL
%build
%install
# install roundcubemail.logrotate
%{__install} -d -m 0755 %{buildroot}%{_sysconfdir}/logrotate.d
%{__install} %{SOURCE5} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
# extract roundcube-framework
%{__install} -d -m 0755 %{buildroot}%{_datadir}/php5
mv program/lib/Roundcube %{buildroot}%{_datadir}/php5/Roundcube
# install roundcubemail
%{__install} -d -m 0755 %{buildroot}%{roundcubepath}
cp -a * %{buildroot}%{roundcubepath}/
# install config
mkdir -p %{buildroot}%{_sysconfdir}/%{name}
cp config/* %{buildroot}%{roundcubeconfigpath}/
%{__install} %{buildroot}%{roundcubeconfigpath}/config.inc.php.sample
%{buildroot}%{roundcubeconfigpath}/config.inc.php
%{__rm} -rf %{buildroot}%{roundcubepath}/config
%{__ln_s} %{roundcubeconfigpath} %{buildroot}%{roundcubepath}/config
# logs + temp go into /var/
%{__rm} -rf %{buildroot}%{roundcubepath}/logs \
%{buildroot}%{roundcubepath}/temp
%{__install} -d %{buildroot}%{_localstatedir}/log/%{name} \
%{buildroot}%{_localstatedir}/lib/%{name}
%{__ln_s} %{_localstatedir}/log/%{name}/ %{buildroot}%{roundcubepath}/logs
%{__ln_s} %{_localstatedir}/lib/%{name}/ %{buildroot}%{roundcubepath}/temp
# move some plugin configs to /etc/roundcubemail
for PLUGIN in acl managesieve password; do
if [[ -f %{buildroot}%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist
]]; then
mv %{buildroot}%{roundcubepath}/plugins/$PLUGIN/config.inc.php.dist
%{buildroot}%{roundcubeconfigpath}/$PLUGIN.inc.php
%{__ln_s} %{roundcubeconfigpath}/$PLUGIN.inc.php
%{buildroot}%{roundcubepath}/plugins/$PLUGIN/config.inc.php
fi
done
# install httpd.conf file and adapt the configuration
%{__install} -d -m 0755 %{buildroot}%{apache_sysconfdir}/conf.d
sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" %{SOURCE2} >
%{buildroot}%{apache_sysconfdir}/conf.d/roundcubemail.conf
# install docs
%{__install} -d -m 0755 %{buildroot}%{_defaultdocdir}/%{name}
for i in CHANGELOG UPGRADING LICENSE README.md README.openSUSE SQL; do
mv -v %{buildroot}%{roundcubepath}/$i %{buildroot}%{_defaultdocdir}/%{name}/
done
# create a link for SQL
%{__ln_s} %{_defaultdocdir}/%{name}/SQL %{buildroot}%{roundcubepath}/SQL
# Make ghost files
mkdir %{buildroot}%{roundcubepath}/migrated
mkdir %{buildroot}%{roundcubepath}/migration
# fdupes
%if 0%{suse_version} >= 1100
%fdupes %{buildroot}%{roundcubepath}
%endif
%pre
# backup logs, temp and config for migration
if [ ! -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/logs ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/logs %{roundcubepath}/migration/.
fi
if [ ! -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/temp ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/temp %{roundcubepath}/migration/.
fi
if [ ! -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/SQL ]; then
mkdir -p %{roundcubepath}/migration
mv %{roundcubepath}/SQL %{roundcubepath}/migration/.
fi
for PLUGIN in acl managesieve password; do
if [ ! -h %{roundcubepath}/plugins/$PLUGIN/config.inc.php ] && [ -f
%{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then
mv %{roundcubepath}/plugins/$PLUGIN/config.inc.php
%{roundcubepath}/migration/$PLUGIN.inc.php
fi
done
%post
# replace default des string in config file for better security
makedesstr() {
local
chars="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
local max=${#chars}
for i in $(seq 1 24); do
echo "$chars" | dd bs=1 skip=$(($(od -An -d -N2 /dev/urandom) %
$max)) count=1 2>/dev/null
done
echo
}
sed -i "s/rcmail-\!24ByteDESkey\*Str/`makedesstr`/"
%{roundcubeconfigpath}/defaults.inc.php || : &> /dev/null
# enable apache required apache modules
if [ -x /usr/sbin/a2enmod ]; then
a2enmod -q alias || a2enmod alias
a2enmod -q rewrite || a2enmod rewrite
a2enmod -q version || a2enmod version
fi
# restore backed up logs, temp and config
if [ -h %{roundcubepath}/logs ] && [ -d %{roundcubepath}/migration/logs ]; then
mkdir -p %{roundcubepath}/migrated
cp %{roundcubepath}/migration/logs/* %{roundcubepath}/logs/.
mv %{roundcubepath}/migration/logs %{roundcubepath}/migrated/.
fi
if [ -h %{roundcubepath}/temp ] && [ -d %{roundcubepath}/migration/temp ]; then
mkdir -p %{roundcubepath}/migrated
cp %{roundcubepath}/migration/temp/* %{roundcubepath}/temp/.
mv %{roundcubepath}/migration/temp %{roundcubepath}/migrated/.
fi
if [ -h %{roundcubepath}/SQL ] && [ -d %{roundcubepath}/migration/SQL ]; then
rm -r %{roundcubepath}/migration/SQL
fi
for PLUGIN in acl managesieve password; do
if [ -f %{roundcubepath}/migration/$PLUGIN.inc.php ] && [ -h
%{roundcubepath}/plugins/$PLUGIN/config.inc.php ]; then
cp %{roundcubepath}/migration/$PLUGIN.inc.php
%{roundcubeconfigpath}/.
mv %{roundcubepath}/migration/$PLUGIN.inc.php
%{roundcubepath}/migrated/$PLUGIN.inc.php
fi
done
for MIGDIR in migration migrated; do
if [ -d %{roundcubepath}/$MIGDIR ]; then
find %{roundcubepath}/$MIGDIR -empty -delete
fi
if [ -d %{roundcubepath}/$MIGDIR ]; then
echo "Found %{roundcubepath}/$MIGDIR! Make sure you delete this folder
after checking the migration!"
fi
done
# update/make new config
if [ ! -f %{roundcubeconfigpath}/config.inc.php ]; then
if [ -f %{roundcubeconfigpath}/main.inc.php ] && [ -f
%{roundcubeconfigpath}/db.inc.php ]; then
%{roundcubepath}/bin/update.sh \
--version '?' \
--accept
else
cp %{roundcubeconfigpath}/config.inc.php.sample
%{roundcubeconfigpath}/config.inc.php
fi
fi
exit 0
%files
%defattr(0644, root, root,0755)
%doc CHANGELOG
%doc LICENSE
%doc README.md
%doc README.openSUSE
%doc UPGRADING
%doc SQL/
%dir %{roundcubepath}
%dir %{roundcubeconfigpath}
%ghost %config(noreplace) %{roundcubeconfigpath}/config.inc.php
%config(noreplace) %{roundcubeconfigpath}/acl.inc.php
%config(noreplace) %{roundcubeconfigpath}/managesieve.inc.php
%config(noreplace) %{roundcubeconfigpath}/password.inc.php
%config %{roundcubeconfigpath}/config.inc.php.sample
%config %{roundcubeconfigpath}/defaults.inc.php
%config %{roundcubeconfigpath}/mimetypes.php
%config(noreplace) %{apache_sysconfdir}/conf.d/roundcubemail.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{roundcubepath}/composer.json-dist
%{roundcubepath}/config
%{roundcubepath}/index.php
%{roundcubepath}/robots.txt
%dir %{roundcubepath}/bin
%attr(0755,root,root) %{roundcubepath}/bin/*.sh
%{roundcubepath}/installer/
%{roundcubepath}/logs
%ghost %{roundcubepath}/migrated/
%ghost %{roundcubepath}/migration/
%{roundcubepath}/plugins/
%{roundcubepath}/program/
%{roundcubepath}/skins/
%{roundcubepath}/SQL
%{roundcubepath}/temp
%dir %{_datadir}/php5
%{_datadir}/php5/Roundcube/
%attr(-, wwwrun, root) %{_localstatedir}/log/%{name}
%attr(-, wwwrun, root) %{_localstatedir}/lib/%{name}
%changelog
++++++ README.openSUSE ++++++
This README contains additional information specific to the
openSUSE package of roundcube.
INSTALLATION
============
This application is packaged to integrate with Apache and MySQL but
it can basically run with every webserver being able to run PHP and
also use other SQL based database engines.
After installation of the package the application will immediately
be reachable from everywhere once Apache is enabled under the URL
http://IP-ADDRESS/roundcube
The configuration is copied from the example config files from the
package and therefore not really working.
First step is to prepare the MySQL database for Roundcube:
Setting up the mysql database can be done by creating an empty database,
importing the table layout and granting the proper permissions to the
roundcube user. Here is an example of that procedure:
# mysql
> CREATE DATABASE roundcubemail /*!40101 CHARACTER SET utf8 COLLATE
> utf8_general_ci */;
> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost
IDENTIFIED BY 'password';
> quit
# mysql roundcubemail <
/usr/share/doc/packages/roundcubemail/SQL/mysql.initial.sql
Note 1: 'password' is the master password for the roundcube user. It is strongly
recommended you replace this with a more secure password. Please keep in
mind: You need to specify this password later in
'/etc/roundcubemail/db.inc.php'.
To use the integrated web based installer you need to enable it first
in /etc/roundcubemail/main.inc.php:
$rcmail_config['enable_installer'] = true;
IMPORTANT: This MUST be disabled again after installation is finished
for SECURITY reasons
and then access
http://IP-ADDRESS/roundcube/installer
to finish the installation.
++++++ roundcubemail-0.9.1_config-dir.patch ++++++
diff --git a/installer/index.php b/installer/index.php
index 0e80b1c..0123a70 100644
--- a/installer/index.php
+++ b/installer/index.php
@@ -41,7 +41,7 @@ ini_set('display_errors', 1);
define('INSTALL_PATH', realpath(dirname(__FILE__) . '/../').'/');
define('RCUBE_INSTALL_PATH', INSTALL_PATH);
-define('RCUBE_CONFIG_DIR', INSTALL_PATH . 'config/');
+define('RCUBE_CONFIG_DIR', '/etc/roundcubemail/');
$include_path = INSTALL_PATH . 'program/lib' . PATH_SEPARATOR;
$include_path .= INSTALL_PATH . 'program/include' . PATH_SEPARATOR;
diff --git a/program/include/iniset.php b/program/include/iniset.php
index ca17640..b6da3a6 100644
--- a/program/include/iniset.php
+++ b/program/include/iniset.php
@@ -29,7 +29,7 @@ if (!defined('INSTALL_PATH')) {
}
if (!defined('RCMAIL_CONFIG_DIR')) {
- define('RCMAIL_CONFIG_DIR', INSTALL_PATH . 'config');
+ define('RCMAIL_CONFIG_DIR', '/etc/roundcubemail/');
}
if (!defined('RCUBE_LOCALIZATION_DIR')) {
++++++ roundcubemail-1.0.9-001-acf633c-boo_982003.patch ++++++
From acf633c73bc8df9a5036bc52d7568f4213ab73c7 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <a...@alec.pl>
Date: Fri, 6 May 2016 08:28:15 +0200
Subject: [PATCH] Fix XSS issue in href attribute on area tag (#5240, #5241)
Conflicts:
CHANGELOG
---
CHANGELOG | 2 ++
program/lib/Roundcube/rcube_washtml.php | 2 +-
tests/Framework/Washtml.php | 17 +++++++++++++++++
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG b/CHANGELOG
index 054de01..1f755a0 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,8 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix XSS issue in href attribute on area tag (#5240)
+
RELEASE 1.0.9
-------------
- Fix a regression where some contact data was missing in export and PHP
warnings were logged (Kolab #4522)
diff --git a/program/lib/Roundcube/rcube_washtml.php
b/program/lib/Roundcube/rcube_washtml.php
index 2b31033..f5a48e8 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -366,7 +366,7 @@ private function wash_uri($uri, $blocked_source = false)
*/
private function is_link_attribute($tag, $attr)
{
- return $tag == 'a' && $attr == 'href';
+ return ($tag == 'a' || $tag == 'area') && $attr == 'href';
}
/**
++++++ roundcubemail-1.0.9-002-7b37ef8-empty_text_1.patch ++++++
From 7b37ef8a3347f84bae7ca3ba5f6ec23862c7e96b Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <tho...@roundcube.net>
Date: Sun, 29 May 2016 13:36:29 +0200
Subject: [PATCH] Avoid sending completely empty text parts for
multipart/alternative messages (#5283)
---
program/steps/mail/sendmail.inc | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index c47f3d3..ac1d789 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -372,6 +372,11 @@ if ($isHtml) {
$plainTextPart = rcube_mime::wordwrap($h2t->get_text(), $LINE_LENGTH,
"\r\n", false, $message_charset);
$plainTextPart = wordwrap($plainTextPart, 998, "\r\n", true);
+ // completely blank text part confuses some mail clients
+ if ($plainTextPart == '') {
+ $plainTextPart = "\r\n";
+ }
+
// make sure all line endings are CRLF (#1486712)
$plainTextPart = preg_replace('/\r?\n/', "\r\n", $plainTextPart);
++++++ roundcubemail-1.0.9-003-f1ca20d-empty_text_2.patch ++++++
From f1ca20d9934b3999624205fc232f5da7b9973d81 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <a...@alec.pl>
Date: Tue, 28 Jun 2016 09:24:14 +0200
Subject: [PATCH] Don't create multipart/alternative messages with empty
text/plain part (#5283)
Conflicts:
CHANGELOG
program/steps/mail/sendmail.inc
---
CHANGELOG | 1 +
program/steps/mail/sendmail.inc | 21 +++++++++++----------
2 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/CHANGELOG b/CHANGELOG
index 1f755a0..2843ebe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Don't create multipart/alternative messages with empty text/plain part
(#5283)
- Fix XSS issue in href attribute on area tag (#5240)
RELEASE 1.0.9
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index ac1d789..c1e2611 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -372,18 +372,19 @@ if ($isHtml) {
$plainTextPart = rcube_mime::wordwrap($h2t->get_text(), $LINE_LENGTH,
"\r\n", false, $message_charset);
$plainTextPart = wordwrap($plainTextPart, 998, "\r\n", true);
- // completely blank text part confuses some mail clients
- if ($plainTextPart == '') {
- $plainTextPart = "\r\n";
- }
-
- // make sure all line endings are CRLF (#1486712)
- $plainTextPart = preg_replace('/\r?\n/', "\r\n", $plainTextPart);
+ // There's no sense to use multipart/alternative if the text/plain
+ // part would be blank. Completely blank text/plain part may confuse
+ // some mail clients (#5283)
+ if (strlen(trim($plainTextPart)) > 0) {
+ // make sure all line endings are CRLF (#1486712)
+ $plainTextPart = preg_replace('/\r?\n/', "\r\n", $plainTextPart);
- $plugin = $RCMAIL->plugins->exec_hook('message_outgoing_body',
- array('body' => $plainTextPart, 'type' => 'alternative', 'message' =>
$MAIL_MIME));
+ $plugin = $RCMAIL->plugins->exec_hook('message_outgoing_body',
+ array('body' => $plainTextPart, 'type' => 'alternative', 'message'
=> $MAIL_MIME));
- $MAIL_MIME->setTXTBody($plugin['body']);
+ // add a plain text version of the e-mail as an alternative part.
+ $MAIL_MIME->setTXTBody($plugin['body']);
+ }
// look for "emoticon" images from TinyMCE and change their src paths to
// be file paths on the server instead of URL paths.
++++++ roundcubemail-1.0.9-004-1e275ac-boo_1001856.patch ++++++
From 1e275ac13ac6222efd9dbc80118642bd2a6fe3dd Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <machn...@kolabsys.com>
Date: Sun, 29 May 2016 17:09:41 +0200
Subject: [PATCH] Wash position:fixed style in HTML mail for better security
(#5264)
---
program/lib/Roundcube/rcube_utils.php | 6 +++++-
program/lib/Roundcube/rcube_washtml.php | 9 +++++++--
tests/Framework/Utils.php | 10 ++++++++++
tests/Framework/Washtml.php | 14 ++++++++++++++
4 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/program/lib/Roundcube/rcube_utils.php
b/program/lib/Roundcube/rcube_utils.php
index 28b16ff..adda416 100644
--- a/program/lib/Roundcube/rcube_utils.php
+++ b/program/lib/Roundcube/rcube_utils.php
@@ -430,10 +430,11 @@ public static function html_identifier($str,
$encode=false)
/**
* Replace all css definitions with #container [def]
- * and remove css-inlined scripting
+ * and remove css-inlined scripting, make position style safe
*
* @param string CSS source code
* @param string Container ID to use as prefix
+ * @param bool Allow remote content
*
* @return string Modified CSS source
*/
@@ -461,6 +462,9 @@ public static function mod_css_styles($source,
$container_id, $allow_remote=fals
$length = $pos2 - $pos - 1;
$styles = substr($source, $pos+1, $length);
+ // Convert position:fixed to position:absolute (#5264)
+ $styles = preg_replace('/position:[\s\r\n]*fixed/i', 'position:
absolute', $styles);
+
// check every line of a style block...
if ($allow_remote) {
$a_styles = preg_split('/;[\r\n]*/', $styles, -1,
PREG_SPLIT_NO_EMPTY);
diff --git a/program/lib/Roundcube/rcube_washtml.php
b/program/lib/Roundcube/rcube_washtml.php
index f5a48e8..ee992da 100644
--- a/program/lib/Roundcube/rcube_washtml.php
+++ b/program/lib/Roundcube/rcube_washtml.php
@@ -231,6 +231,11 @@ private function wash_style($style)
}
}
else if (!preg_match('/^(behavior|expression)/i', $val)) {
+ // Set position:fixed to position:absolute for
security (#5264)
+ if (!strcasecmp($cssid, 'position') &&
!strcasecmp($val, 'fixed')) {
+ $val = 'absolute';
+ }
+
// whitelist ?
$value .= ' ' . $val;
@@ -716,10 +721,9 @@ public static function fix_broken_lists(&$html)
*/
protected function explode_style($style)
{
- $style = trim($style);
+ $pos = 0;
// first remove comments
- $pos = 0;
while (($pos = strpos($style, '/*', $pos)) !== false) {
$end = strpos($style, '*/', $pos+2);
@@ -731,6 +735,7 @@ protected function explode_style($style)
}
}
+ $style = trim($style);
$strlen = strlen($style);
$result = array();
++++++ roundcubemail-1.0.9-005-dc0c606-changelog.patch ++++++
From dc0c6067b7597ff750ac3af2575ff9276ef28455 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <a...@alec.pl>
Date: Sun, 31 Jul 2016 09:34:06 +0200
Subject: [PATCH] Update changelog
---
CHANGELOG | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGELOG b/CHANGELOG
index 2843ebe..fdaa57e 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,7 @@ CHANGELOG Roundcube Webmail
- Don't create multipart/alternative messages with empty text/plain part
(#5283)
- Fix XSS issue in href attribute on area tag (#5240)
+- Wash position:fixed style in HTML mail for better security (#5264)
RELEASE 1.0.9
-------------
++++++ roundcubemail-1.0.9-006-5d2aaa6-_from_argument.patch ++++++
From 5d2aaa68c3b2c681f14d45d9f48fce1565dfbead Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <a...@alec.pl>
Date: Tue, 22 Nov 2016 10:38:41 +0100
Subject: [PATCH] Fix _from argument validation
---
program/steps/mail/sendmail.inc | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/program/steps/mail/sendmail.inc b/program/steps/mail/sendmail.inc
index c1e2611..4834880 100644
--- a/program/steps/mail/sendmail.inc
+++ b/program/steps/mail/sendmail.inc
@@ -105,11 +105,14 @@ if (is_numeric($from)) {
}
}
// ... if there is no identity record, this might be a custom from
-else if ($from_string = rcmail_email_input_format($from)) {
- if (preg_match('/(\S+@\S+)/', $from_string, $m))
- $from = trim($m[1], '<>');
- else
- $from = null;
+else if (($from_string = rcmail_email_input_format($from))
+ && preg_match('/(\S+@\S+)/', $from_string, $m)
+) {
+ $from = trim($m[1], '<>');
+}
+// ... otherwise it's empty or invalid
+else {
+ $from = null;
}
if (!$from_string && $from) {
++++++ roundcubemail-1.0.9-007-a54dde8-boo_1012493.patch ++++++
From a54dde834c9085b1579aa34cc382fe925d209d8e Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <a...@alec.pl>
Date: Tue, 22 Nov 2016 10:42:50 +0100
Subject: [PATCH] Fix vulnerability in handling of mail()'s 5th argument
---
CHANGELOG | 1 +
program/lib/Roundcube/rcube.php | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG b/CHANGELOG
index fdaa57e..9ee4bbe 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG Roundcube Webmail
===========================
+- Fix vulnerability in handling of mail()'s 5th argument
- Don't create multipart/alternative messages with empty text/plain part
(#5283)
- Fix XSS issue in href attribute on area tag (#5240)
- Wash position:fixed style in HTML mail for better security (#5264)
diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php
index 5fe4a4b..258a1c9 100644
--- a/program/lib/Roundcube/rcube.php
+++ b/program/lib/Roundcube/rcube.php
@@ -1542,7 +1542,7 @@ public function deliver_message(&$message, $from,
$mailto, &$error, &$body_file
if (filter_var(ini_get('safe_mode'), FILTER_VALIDATE_BOOLEAN))
$sent = mail($to, $subject, $msg_body, $header_str);
else
- $sent = mail($to, $subject, $msg_body, $header_str,
"-f$from");
+ $sent = mail($to, $subject, $msg_body, $header_str, '-f '
. escapeshellarg($from));
}
}
++++++ roundcubemail-httpd.conf ++++++
# You might want to set up a virtual host for the server, but it is
# not a requirement. You can as well reach the server under its
# common name under https://yourroundcubeserver.example.com/
#
# NameVirtualHost *
# <VirtualHost *>
# ServerName yourroundcubeserver.example.com
# DocumentRoot __ROUNDCUBEPATH__
<IfModule mod_alias.c>
Alias /roundcube __ROUNDCUBEPATH__
Alias /roundcubemail __ROUNDCUBEPATH__
</IfModule>
# AddDefaultCharset UTF-8
AddType text/x-component .htc
<Directory __ROUNDCUBEPATH__>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order allow,deny
Allow from all
</IfModule>
Options -Indexes +FollowSymLinks
<IfModule mod_php5.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag zend.ze1_compatibility_mode Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
# security rules:
# - deny access to files not containing a dot or starting with a dot
# in all locations except installer directory
RewriteRule ^(?!installer|\.well-known\/)(\.?[^\.]+)$ - [F]
# - deny access to some locations
RewriteRule
^/?(\.git|\.tx|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps))
- [F]
# - deny access to some documentation files
RewriteRule
/?(README\.md|composer\.json-dist|composer\.json|package\.xml)$ - [F]
</IfModule>
<IfModule mod_deflate.c>
SetOutputFilter DEFLATE
</IfModule>
<IfModule mod_headers.c>
#Header merge Cache-Control public env=!NO_CACHE
</IfModule>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
</IfModule>
FileETag MTime Size
</Directory>
#
# Special directories
#
<Directory __ROUNDCUBEPATH__/bin>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/config>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/logs>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/migration>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/migrated>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/plugins/enigma/home>
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/program>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule !^js|.*\.gif$ - [F]
</IfModule>
</Directory>
<Directory __ROUNDCUBEPATH__/temp>
Options -FollowSymLinks
AllowOverride None
<IfModule mod_version.c>
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</IfVersion>
</IfModule>
<IfModule !mod_version.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
#
# </VirtualHost>
++++++ roundcubemail-rpmlintrc ++++++
addFilter("E: devel-file-in-non-devel-package")
++++++ roundcubemail.logrotate ++++++
/var/log/roundcubemail/console /var/log/roundcubemail/errors
/var/log/roundcubemail/imap /var/log/roundcubemail/ldap
/var/log/roundcubemail/sendmail /var/log/roundcubemail/sieve
/var/log/roundcubemail/smtp /var/log/roundcubemail/sql
/var/log/roundcubemail/userlogins {
missingok
compress
notifempty
size 30k
create 0660 wwwrun www
}
