1 roundcube (0.3-1) unstable; urgency=low
3 * New upstream release. Closes: #545498.
4 * Update debconf translations:
5 + Italian, thanks to Luca Monducci. Closes: #544199.
6 + Czech, thanks to Miroslav Kure. Closes: #546413.
7 * Roundcube configuration now uses 'language' instead of 'locale_string'
8 to specify the default language. Update postinst to reflect this
9 change. Thanks to Richard van den Berg for noticing this. Closes: #544579.
10 * Depends on libjs-jquery (>= 1.3) since this is now used by roundcube.
11 * Don't ship any plugins for now but ship an empty plugins directory.
12 * Ship main .htaccess since it is needed to setup correctly PHP (for
13 example, to disable PHP Suhosin cookie encryption).
14 * Bump Standards-Version. No changes required.
16 -- Vincent Bernat <bernat@debian.org> Sun, 27 Sep 2009 11:00:30 +0200
18 roundcube (0.2.2-1) unstable; urgency=low
20 * New upstream release
21 * Bump Standards-Version. No changes required.
22 * Remove *.js.src which are not needed at runtime.
23 * Don't send email contents to Google by default by using php5-pspell
24 instead. Thanks to Anand Kumria. Closes: #529563.
25 * Update debconf translations:
26 + Basque, thanks to Piarres Beobide. Closes: #534282.
28 -- Vincent Bernat <bernat@debian.org> Sun, 05 Jul 2009 09:53:17 +0200
30 roundcube (0.2.1-2) unstable; urgency=low
32 * Update debconf translations:
33 + German, thanks to Helge Kreutzmann. Closes: #520004.
34 + Japanese, thanks to Hideki Yamane. Closes: #520024.
35 + Spanish, thanks to Francisco Javier. Closes: #526696.
36 + Russian, thanks to Yuri Kozlov. Closes: #528796.
37 * Depend on php-mdb2-* (>= 1.5.0b2) since it is needed to fix some
38 bugs. Closes: #519104, #519293. Remove not needed any more patch from
39 debian/patches/series. Keep it in debian/patches to help backports.
41 -- Vincent Bernat <bernat@debian.org> Sat, 16 May 2009 15:30:17 +0200
43 roundcube (0.2.1-1) unstable; urgency=low
45 * New upstream release:
46 + Fix use_packaged_tinymce.patch to apply to this new version
47 + Remove cve-2009-0413.patch which has been applied upstream
49 -- Vincent Bernat <bernat@debian.org> Sat, 14 Mar 2009 17:42:07 +0100
51 roundcube (0.2~stable-2) unstable; urgency=low
53 * Update debconf translations:
54 + French, thanks to Christian Perrier. Closes: #515806.
55 + Swedish, thanks to Martin Bagge. Closes: #516683.
56 * Drop virtual package roundcube-db and add dependencies on real package
57 instead: this way, we can have versioned dependencies on those to avoid
58 version mismatch between packages.
59 * Add a patch to not use a MDB2 feature not present in the Debian
60 package. Thanks to Grzegorz Sobański for the patch. Closes: #519104.
62 -- Vincent Bernat <bernat@debian.org> Wed, 11 Mar 2009 18:49:32 +0100
64 roundcube (0.2~stable-1) unstable; urgency=low
66 * New upstream version. Closes: #503573, #504570.
67 + Add SQL update scripts for this new release and for
68 0.2~alpha. Remove copy of SQL upgrade script from debian/rules.
69 + Remove patch for CVE-2008-5620 which is now fixed upstream.
70 + Remove patch correcting a vulnerability in html2text.php.
71 + Remove patch fixing login issue. This is fixed upstream.
72 + Remove patch setting the default backend to db instead of mdb2:
73 this is not possible any more. We depend on php-mdb2 now.
74 + Update patch to use packaged tinymce.
75 * Upload to unstable since Lenny is out.
76 * Apply fix for XSS issue (CVE-2009-0413). Closes: #514179.
77 * Remove hack to update a SQLite table for an upgrade from a quite old
79 * Fix pending l10n issues:
80 + Update English debconf template. Closes: #473794.
81 + Add Swedish translation thanks to Martin Bagge. Closes: #508752.
82 * Fix debian/copyright to make lintian happy.
84 -- Vincent Bernat <bernat@debian.org> Sun, 15 Feb 2009 16:18:58 +0100
86 roundcube (0.2~alpha-4) experimental; urgency=low
88 * Add missing ${misc:Depends} to make Lintian happy.
89 * Add description to each patch.
90 * Execute cron job only if the directory to clean exists.
91 * Reload web server configuration instead of restart, thanks to a patch
92 from Tiago Bortoletto Vaz. Closes: #508633.
93 * Fix a vulnerability in quota image generation. This fixes
94 CVE-2008-5620. Thanks to Nico Golde for reporting it. Closes: #509596.
95 * Add missing dependency on php5-gd, used for quota bar.
96 * For roundcube-pgsql, depends on postgresql-client only. This package
97 is provided by the currently supported real package.
99 -- Vincent Bernat <bernat@debian.org> Thu, 25 Dec 2008 11:38:13 +0100
101 roundcube (0.2~alpha-3) experimental; urgency=high
104 * Fix a vulnerability in the use of preg_replace (Closes: #508628).
105 * Adapt descriptions of roundcube-database packages to refer them as
106 metapackages instead of virtual package (Closes: #495434).
107 * Add robots.txt from upstream, even if in some configuration, it will
108 not be considered (Closes: #499108).
109 * Do not ship .htaccess files. Restrictions are set in Apache or
110 Lighttpd configuration files (Closes: #500202).
113 * Changed versioned dependency of rouncube from binary:Version to
114 source:Version since these are all architecture independent packages.
116 -- Vincent Bernat <bernat@debian.org> Sat, 13 Dec 2008 14:36:02 +0100
118 roundcube (0.2~alpha-2) experimental; urgency=low
121 * Fix lintian warnings introduced by previous upload
122 * Fix lighttpd.conf to make it work with latest versions (Closes: #494044)
123 * Do not prepend path to lighty util in postinst and postrm, as per
124 Policy Manual section 6.1
125 * Ship a bug/control file to have all bugs submitted against roundcube
127 * Fix debian/roundcube-core.cron.daily to use
128 /etc/default/roundcube-core instead of /etc/default/roundcube which
129 should not exist any more
132 * Versioned roundcube-core dependency for roundcube
134 -- Vincent Bernat <bernat@debian.org> Sat, 16 Aug 2008 13:22:08 +0200
136 roundcube (0.2~alpha-1) experimental; urgency=low
138 * New upstream release
139 * Update debian/watch file to correctly consider those new releases
140 * Remove the following patches:
141 + messageid-headers-ordering
143 + disable-tinymce-spellchecker
144 * Update the following patches:
145 + correct_install_path
146 + use_packaged_tinymce
147 * Add a new patch to fix a login problem
148 * Depends on tinymce >= 3
150 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 14:10:44 +0200
152 roundcube (0.1.1-7) unstable; urgency=low
154 * Another fix for incorrect tinymce path. This should be the last one!
156 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:36:59 +0200
158 roundcube (0.1.1-6) unstable; urgency=low
160 * Fix use_packaged_tinymce patch which was incorrect after switch to
163 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:19:16 +0200
165 roundcube (0.1.1-5) unstable; urgency=low
167 * Fix ordering of message-id in message headers, thanks to Reinhard
168 Tartler (Closes: #486493)
169 * Update Standards-Version to 3.8.0
171 -- Vincent Bernat <bernat@debian.org> Tue, 17 Jun 2008 00:33:40 +0200
173 roundcube (0.1.1-4) unstable; urgency=low
175 * Add Slovak debconf translation, thanks to Ivan Masár (Closes: #481376)
176 * Fix debian/copyright:
177 + RoundCube is GPL-2 licensed, not GPL-2+
178 + Add an explanation on the BSD license present at the top of
179 index.php (Closes: #477119)
180 * We do not support tinymce 3, yet. Depends on tinymce2 | tinymce (<<
181 3). Closes: #481145, #483053, #482295
183 -- Vincent Bernat <bernat@debian.org> Tue, 20 May 2008 20:51:52 +0200
185 roundcube (0.1.1-3) unstable; urgency=low
187 * Fix an error introduced when fixing bug #476803. Thanks to Micah
188 Anderson for spotting it (Closes: #479775).
189 * Avoid to pop language question at every upgrade. Thanks to Ivan Vucica
190 for spotting this. The problem lied in the use of db_metaget to get
191 the value of a key set by db_subst in a previous invocation. It seems
192 this is not possible any more (Closes: #480043). The fix implies that
193 we won't ask the question again if more languages are available since
196 -- Vincent Bernat <bernat@debian.org> Thu, 08 May 2008 09:50:24 +0200
198 roundcube (0.1.1-2) unstable; urgency=low
200 * Comment by default Alias directive for tinymce in Apache configuration
201 file (Closes: #476162).
202 * Allow to preseed language value (Closes: #476803).
204 -- Vincent Bernat <bernat@luffy.cx> Sat, 19 Apr 2008 16:50:28 +0200
206 roundcube (0.1.1-1) unstable; urgency=low
208 * New upstream release
209 - Copy old SQL upgrade scripts into debian/sql to allow upgrade from
210 versions older than 0.1
211 - Patch new MySQL upgrade script to fix a typo
212 * Debconf translation updates:
213 - Spanish. Closes: #473788
214 * Depends on php-mail-mime (>= 1.5.0) and drop compatibility patch
215 * Install upstream changelog in /usr/share/doc/roundcube*
217 -- Vincent Bernat <bernat@luffy.cx> Sat, 05 Apr 2008 18:16:33 +0200
219 roundcube (0.1-4) unstable; urgency=low
221 * Debconf translation updates:
222 - French. Closes: #469802
223 - Russian. Closes: #469847
224 - Galician. Closes: #469866
225 - German. Closes: #469875
226 - Finnish. Closes: #469922
227 - Italian. Closes: #469987
228 - Czech. Closes: #470150
229 - Portuguese. Closes: #470156
230 - Spanish. Closes: #470732
231 - Basque. Closes: #470871
232 - Arabic. Closes: #471470
234 -- Vincent Bernat <bernat@luffy.cx> Sat, 08 Mar 2008 11:15:00 +0100
236 roundcube (0.1-3) unstable; urgency=low
238 * Fix problem with too old php-mail-mime package (Closes: #469814)
240 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 11:06:49 +0100
242 roundcube (0.1-2) unstable; urgency=low
244 * Ship bin/ directory as well. This fix conversion from HTML to text in
246 * Disable spellchecker for tinymce since it is not shipped with Debian
249 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 09:42:39 +0100
251 roundcube (0.1-1) unstable; urgency=low
253 * New upstream release (Closes: #469487).
254 - This release seems to fix failure to set some fields when replying,
255 with bincimap as IMAP server (Closes: #443562)
256 - It also fixes the deletion of multiple messages, still with
257 bincimap (Closes: #451404)
258 * Remove 'ob_gzhandler.patch' and 'xss-fix.patch'. They have been
260 * Upstream has switched to MDB2 database backend which is not packaged
261 in Debian yet. We switch back to old backend.
262 * Fix debian/watch to handle correctly detection of new versions.
263 * Add support for lighttpd and remove support for older version of
264 Apache. The debconf question about webserver autoconfiguration is
265 reworded (Closes: #462961).
266 * Do not depend on a specific revision of cdbs.
267 * Move po-debconf from Build-Depends-Indep to Build-Depends since it is
268 needed for clean target.
269 * Correct path to /usr/share/file/magic, provided by libmagic1. Provide
270 license information about this file in debian/copyright.
272 -- Vincent Bernat <bernat@luffy.cx> Wed, 05 Mar 2008 20:49:03 +0100
274 roundcube (0.1~rc2-6) unstable; urgency=high
276 * Bug fix: "CVE-2007-6321: Cross-site scripting (XSS) vulnerability",
277 thanks to Micah Anderson (Closes: #455840). The patch is from
278 http://lists.roundcube.net/mail-archive/dev/2007-12/0000038.html and
279 provided by Robin Elfrink. It has been modified with some functions
280 stolen from Squirrelmail.
281 * Finnish debconf template, thanks to Esko Arajärvi (Closes: #458244).
283 -- Vincent Bernat <bernat@luffy.cx> Sat, 29 Dec 2007 21:55:17 +0100
285 roundcube (0.1~rc2-5) unstable; urgency=low
287 * Deal with old /etc/logrotate.d/roundcube by removing it if left
288 untouched (Closes: #456546). Also deal with /etc/default/roundcube and
289 /etc/cron.daily/roundcube.
291 -- Vincent Bernat <bernat@luffy.cx> Tue, 18 Dec 2007 23:02:46 +0100
293 roundcube (0.1~rc2-4) unstable; urgency=low
295 * Thightened dependencies for a safe upgrade
296 * Finally removed any circular dependency, -db packages no longer pull
297 a full roundcube install
299 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:24:24 +0100
301 roundcube (0.1~rc2-3) unstable; urgency=low
304 * Bumped standard version to 3.7.3 (no changes)
306 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:19:28 +0100
308 roundcube (0.1~rc2-2) experimental; urgency=low
311 * Fix a conflict between ob_gzhandler and zlib output compression,
312 thanks to kaouete (Closes: #450482).
315 * Fix tinymce patch and inclusion
317 * Splitted virtual packages to avoid circular dependencies.
318 Uploading to experimental, as this is an important change and we may
321 -- Romain Beauxis <toots@rastageeks.org> Mon, 26 Nov 2007 11:54:21 +0100
323 roundcube (0.1~rc2-1) unstable; urgency=low
325 * New upstream, thanks to Nicolas Stransky (Closes: #447503). This
326 release support tinymce as HTML editor. Look at README.Debian for more
328 * Update Galician debconf template, thanks to Jacobo Tarrio (Closes: #447943).
330 -- Vincent Bernat <bernat@luffy.cx> Mon, 29 Oct 2007 22:08:43 +0100
332 roundcube (0.1~rc1-3) unstable; urgency=low
334 * In respect to policy 12.3, do not put main.inc.php.dist in
335 /usr/share/doc, thanks to Jonas Smedegaard (Closes: #446502).
336 * Update German and French debconf templates, thanks to Christian
337 Perrier (Closes: #446458) and Helge Kreutzmann (Closes: #446532).
339 -- Vincent Bernat <bernat@luffy.cx> Sun, 14 Oct 2007 08:41:24 +0200
341 roundcube (0.1~rc1-2) unstable; urgency=low
343 * Fix dependencies by creating virtual packages for each database
344 backend, thanks to Joey Hess (Closes: #444925).
346 -- Vincent Bernat <bernat@luffy.cx> Tue, 02 Oct 2007 20:09:19 +0200
348 roundcube (0.1~rc1-1) unstable; urgency=low
350 * New upstream release
351 * Removed non gpl file des.inc
353 -- Romain Beauxis <toots@rastageeks.org> Tue, 24 Jul 2007 13:36:20 +0200
355 roundcube (0.1~rc1~dfsg-3) unstable; urgency=low
357 * Add php5-mcrypt dependency (Closes: #431177)
359 -- Vincent Bernat <bernat@luffy.cx> Sat, 30 Jun 2007 19:36:21 +0200
361 roundcube (0.1~rc1~dfsg-2) unstable; urgency=low
363 * Removed custom unix_timestamp for sqlite: solved upstream
364 * Debconf templates and debian/control reviewed by the debian-l10n-
365 english team as part of the Smith review project.
366 Closes: #426086, #427546, #427546
367 * Debconf translation updates:
368 - Galician. Closes: #426140
369 - Basque. Closes: #426150
370 - Czech. Closes: #426428
371 - Portuguese. Closes: #426451
372 - Arabic. Closes: #427110
373 - Italian. Closes: #427206
374 - German. Closes: #427536
375 - French. Closes: #427736
376 - Tamil. Closes: #428254
377 - Russian. Closes: #428364
378 - Spanish. Closes: #428573
380 -- Romain Beauxis <toots@rastageeks.org> Tue, 05 Jun 2007 15:22:36 +0200
382 roundcube (0.1~rc1~dfsg-1) unstable; urgency=low
385 * New upstream release
386 * Update script for sqlite in postinst
388 * Fixed dh_link calls
390 * Added custom patch to use php unix timestamp support
391 with sqlite since UNIX_TIMESTAMP is not supported by sqlite.
392 * Dropped php4 dependencies
394 -- Vincent Bernat <bernat@luffy.cx> Sun, 20 May 2007 13:59:44 +0200
396 roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low
398 * Fix a security issue by disallowing access to logs.
399 * First upload to unstable.
401 -- Vincent Bernat <bernat@luffy.cx> Sat, 5 May 2007 00:23:40 +0200
403 roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low
405 * Initial release. (Closes: #333756, #344949)
407 -- Romain Beauxis <toots@rastageeks.org> Tue, 13 Mar 2007 13:28:05 +0100