rpm/roundcubemail
SHA256
1
0
Fork 0
forked from pool/roundcubemail
Code Pull Requests Activity

Accepting request 821954 from server:php:applications

Browse Source 
update to 1.4.7 with security fix

OBS-URL: https://build.opensuse.org/request/show/821954
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/roundcubemail?expand=0&rev=65
This commit is contained in:
Dominique Leuenberger 2020-07-20 19:08:21 +00:00 committed by Git OBS Bridge
commit 0710eedf62
9 changed files with 81 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
roundcubemail-1.4.6-complete.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:55db5fae9f518e529aeb190166445bda3ceab94bf0277cbb03291bd0e4febd1b
size 7031573

17
roundcubemail-1.4.6-complete.tar.gz.asc
View File

@ -1,17 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAxFiEEiXDjemmK93XYfVkNwpRqlgnNVrQFAl7czK4THGRldnNAcm91
bmRjdWJlLm5ldAAKCRDClGqWCc1WtHWoD/9JkBY67BWBmYSUw75nlsI4yx39o4hb
Iw6OsrqWVtjgoxMr8JE3K0cwo9saHx7sNgXqD29ayFuqeIYTE8Gb2aexlesem5J8
z+BDdnDaqrWqxwJkStFAe/trgF5itEuW+MpADIsV51sk6/pQ/vi9A6WvmuozFsqv
giyE7YR23rx7Tqf0fM9sJcriGepZkyu5NjEqZT8G2UVf4ewKzyKHGZNtSyz7e9s0
Bn55+1Ak8Y3GPtnre376BVzLzzAbYzs1aa9Zr+VsxONZXEtwTS0ZEqco89HkWihN
mtLUimR0MeIoBIauVERUsOmHjVDmO6BWN/JiPu59xEho2ugIDvvI5/8SQF4Z386Q
h0g7AU51ya2Jz9k0u7QJ0zL9eAM1JW+cZYPepcRa21p/MKIBozfIuil9b4UoBjLs
VhUDR/KoZCbT9UqDKahgu/AqdBkxe4KcQYtn/LBvfKFLul6aKkTDToavG8MExZ8y
grOWwNOmBVbdh5jYLsIKQ36n0ISmh6ItM9LGpeqx/g1/PodAHBQybY5zs/gNMIix
mVJAIjMQexKsYueZ/WhPn4HFpDIPcbQ64Abmnk7N85TTK2es/l7U+X4sVPB9Ze0Y
MvZNS4gn3x2d3xhlytaIaSBID/PabJxMVM+MAUNNIbQDqxRuvcttXtpeCq9Oiwqr
XsYhel4zq465Sg==
=ql/T
-----END PGP SIGNATURE-----

3
roundcubemail-1.4.7-complete.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:26d85d27ff7ef491de09168a27df74a5574b7dd4127e6c2822c90a108c6aacc9
size 7031947

17
roundcubemail-1.4.7-complete.tar.gz.asc Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJHBAABCAAxFiEEiXDjemmK93XYfVkNwpRqlgnNVrQFAl8CNNITHGRldnNAcm91
bmRjdWJlLm5ldAAKCRDClGqWCc1WtOxrEAC8CRrTFi4UfZ0meKMSz/8cghNLGokS
9xMVR7xZ+XO3S6GsFZjS+g+qKXmOzIUXMfS7h9qQRBQHzjWynDSwr79kCzJ4QPF8
yzdEpEWG2ycZmV6/312CvoPllbAZDQaNxIaW+jBtEmom5qzw9+V8bPgcpqJbBMBY
pr8jRaeEZ++cCS9jeUoIgCaGDbUZHGoGbnr4IE8JlfQD7vfbBdmnt8gr80BD22i2
XbL8Yw6jaaAA5aEl8bEjhbAYpm1xf/LQxAD1MXuIGK/HGdnOvsIN2LAdXDNUsORX
hEDW2R2JE82qfJJH26WbSLIxfUEmPCE+QI4kPdaCgYVbk/ZxnWhvfeF0Z0PIDmzC
JctmqlkQFrM+0/29cclhdbW2XdH/xr2R/iiqPGId5kaI1hyZkRwWbH94Mvk/VtBd
8mslKIiU1LMXOjKe6H7GOe4ier0wWePPO9U1KhRdlicdXBuxxqJxG6m2R/jjTvOD
/wIbABfEifOqhXq0BwPMTIYOvmCa9bPy6LsmNE5Pr6qpViTdA5eookkGcHuEWnPt
dT+r+iqJHA2zPWQ+tgy0XNNk/qSzKXRJI2x8lN/h1Csz1i/b2Ue2Zq/MtOOWzjJg
KlUOBo4qawwSTWn4uvoZgTpUYwp4SvHSxyt9O5OJsoVFEm4h1mFbUxLLYNcamK2A
TX/E12D3rviCjA==
=giko
-----END PGP SIGNATURE-----

6
roundcubemail-1.4.6-config_dir.patch → roundcubemail-1.4.7-config_dir.patch
View File

@ -1,7 +1,7 @@
Index: roundcubemail-1.4.4/program/include/iniset.php
Index: roundcubemail-1.4.7/program/include/iniset.php
===================================================================
--- roundcubemail-1.4.4.orig/program/include/iniset.php
+++ roundcubemail-1.4.4/program/include/iniset.php
--- roundcubemail-1.4.7.orig/program/include/iniset.php
+++ roundcubemail-1.4.7/program/include/iniset.php
@@ -28,7 +28,7 @@ if (!defined('INSTALL_PATH')) {
}

47
roundcubemail-httpd.conf
View File

@ -9,6 +9,7 @@
<IfModule mod_alias.c>
Alias /roundcube "__ROUNDCUBEPATH__/public_html"
Alias /roundcubemail "__ROUNDCUBEPATH__/public_html"
</IfModule>
@ -37,53 +38,11 @@ AddType text/x-component .htc
</IfModule>
<IfModule mod_php5.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
#php_value session.hash_function sha256
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
# http://bugs.php.net/bug.php?id=30766
php_value mbstring.func_overload 0
Include @apache_sysconfdir@/conf.d/@name@.inc
</IfModule>
<IfModule mod_php7.c>
php_flag display_errors Off
php_flag log_errors On
#php_value error_log logs/errors
php_value upload_max_filesize 5M
php_value post_max_size 6M
php_value memory_limit 64M
php_flag register_globals Off
php_flag zlib.output_compression Off
php_flag magic_quotes_gpc Off
php_flag magic_quotes_runtime Off
php_flag suhosin.session.encrypt Off
#php_value session.cookie_path /
#php_value session.hash_function sha256
php_flag session.auto_start Off
php_value session.gc_maxlifetime 21600
php_value session.gc_divisor 500
php_value session.gc_probability 1
# http://bugs.php.net/bug.php?id=30766
php_value mbstring.func_overload 0
Include @apache_sysconfdir@/conf.d/@name@.inc
</IfModule>
<IfModule mod_rewrite.c>

22
roundcubemail-httpd.inc Normal file
View File

@ -0,0 +1,22 @@
php_admin_flag display_errors off
php_admin_flag log_errors on
#php_admin_value error_log logs/errors
php_admin_flag magic_quotes_gpc off
php_admin_flag magic_quotes_runtime off
php_admin_flag register_globals off
php_admin_flag suhosin.session.encrypt off
php_admin_flag zlib.output_compression off
php_admin_value upload_max_filesize 5M
php_admin_value post_max_size 6M
php_admin_value memory_limit 64M
php_admin_flag session.auto_start off
#php_admin_value session.cookie_path /
#php_admin_value session.hash_function sha256
php_admin_value session.gc_maxlifetime 21600
php_admin_value session.gc_divisor 500
php_admin_value session.gc_probability 1
# http://bugs.php.net/bug.php?id=30766
php_admin_value mbstring.func_overload 0

21
roundcubemail.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Mon Jul 6 12:00:02 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to 1.4.7 with security fix:
* Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace
* Fix bug where subfolders of special folders could have been duplicated on folder list
* Increase maximum size of contact jobtitle and department fields to 128 characters
* Fix missing newline after the logged line when writing to stdout (#7418)
* Elastic: Fix context menu (paste) on the recipient input (#7431)
* Fix problem with forwarding inline images attached to messages with no HTML part (#7414)
* Fix problem with handling attached images with same name when using
database_attachments/redundant_attachments (#7455)
- renamed roundcubemail-1.4.6-config_dir.patch to
roundcubemail-1.4.7-config_dir.patch
-------------------------------------------------------------------
Fri Jul 3 18:43:00 UTC 2020 - chris@computersalat.de
- add http.inc file
* include one file for php5/php7 admin flags/values
-------------------------------------------------------------------
Sun Jun 7 14:27:25 UTC 2020 - Michael Ströder <michael@stroeder.com>

18
roundcubemail.spec
View File

@ -22,19 +22,20 @@
%define roundcubeconfigpath %{_sysconfdir}/%{name}
%define php_major_version %(php -r "echo PHP_MAJOR_VERSION;")
Name: roundcubemail
Version: 1.4.6
Version: 1.4.7
Release: 0
Summary: A browser-based multilingual IMAP client
License: GPL-3.0-or-later AND GPL-2.0-only AND BSD-3-Clause
Group: Productivity/Networking/Email/Clients
URL: https://www.roundcube.net/
Source0: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz
Source0: https://github.com/roundcube/%{name}/releases/download/%{version}/%{name}-%{version}-complete.tar.gz
Source1: %{name}-rpmlintrc
Source2: %{name}-httpd.conf
Source3: %{name}-httpd.inc
Source4: README.openSUSE
Source5: %{name}.logrotate
Source6: https://roundcube.net/download/pubkey.asc#/%{name}.keyring
Source7: https://github.com/roundcube/roundcubemail/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc
Source7: https://github.com/roundcube/%{name}/releases/download/%{version}/%{name}-%{version}-complete.tar.gz.asc
Source8: robots.txt
# PATCH-FIX-OPENSUSE roundcubemail-1.1-beta-config_dir.patch -- use the general config directory /etc
Patch0: %{name}-%{version}-config_dir.patch
@ -169,8 +170,12 @@ for file in _styles.less _variables.less ; do
done
# install httpd.conf file and adapt the configuration
install -d -m 0755 %{buildroot}/%{apache_sysconfdir}/conf.d
sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" %{SOURCE2} > %{buildroot}%{apache_sysconfdir}/conf.d/roundcubemail.conf
install -D -m0644 %{SOURCE3} %{buildroot}%{apache_sysconfdir}/conf.d/%{name}.inc
# fix paths in http config
sed -e "s#__ROUNDCUBEPATH__#%{roundcubepath}#g" \
-e "s,@apache_sysconfdir@,%{apache_sysconfdir},g" \
-e "s,@name@,%{name},g" \
%{SOURCE2} > %{buildroot}%{apache_sysconfdir}/conf.d/%{name}.conf
# install docs
install -d -m 0755 %{buildroot}/%{_defaultdocdir}/%{name}
@ -323,7 +328,8 @@ exit 0
%config %{roundcubeconfigpath}/config.inc.php.sample
%config %{roundcubeconfigpath}/defaults.inc.php
%config %{roundcubeconfigpath}/mimetypes.php
%config(noreplace) %{apache_sysconfdir}/conf.d/roundcubemail.conf
%config(noreplace) %{apache_sysconfdir}/conf.d/%{name}.conf
%config(noreplace) %{apache_sysconfdir}/conf.d/%{name}.inc
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%config(noreplace) %{roundcubeconfigpath}/skins/elastic/styles/_styles.less
%config(noreplace) %{roundcubeconfigpath}/skins/elastic/styles/_variables.less