1 roundcube (0.7.2-2) UNRELEASED; urgency=low
3 * Rotate /var/log/roundcube/session. Closes: #671472.
4 * Fix rights of files generated by UCF. Closes: #671474.
6 -- Vincent Bernat <bernat@debian.org> Fri, 04 May 2012 18:58:34 +0200
8 roundcube (0.7.2-1) unstable; urgency=low
10 * New upstream version.
11 * Bump Standards-Version. No changes required.
12 * Depends on php-mail-mime (>= 1.8.2). Closes: #656243.
14 -- Vincent Bernat <bernat@debian.org> Sat, 28 Apr 2012 10:29:15 +0200
16 roundcube (0.7.1-2) unstable; urgency=high
18 * Remove roundcube-sqlite package since php5 package does not ship
19 SQLite 2.x support anymore. Roundcube is incompatible with SQLite 3.x.
21 * Urgency set to high for php5 migration into testing.
23 -- Vincent Bernat <bernat@debian.org> Tue, 07 Feb 2012 17:37:52 +0100
25 roundcube (0.7.1-1) unstable; urgency=low
27 * New upstream version. Closes: #656093.
28 * Add Dutch debconf translation, thanks to Jeroen Schot.
31 -- Vincent Bernat <bernat@debian.org> Tue, 17 Jan 2012 08:57:11 +0100
33 roundcube (0.7-3) unstable; urgency=low
35 * Ship jqueryui plugin. Closes: #653274.
36 + Depend on libjs-jquery-ui package (instead of builtin copy).
37 + Conflict with versions of roundcube-plugins-extra providing this
39 * More SQL fixes on update. Closes: #654297.
41 -- Vincent Bernat <bernat@debian.org> Mon, 02 Jan 2012 21:45:42 +0100
43 roundcube (0.7-2) unstable; urgency=low
45 * Fix SQLite upgrade file. Closes: #653217.
46 * Also fixes MySQL upgrade file and SQLite regular file.
48 -- Vincent Bernat <bernat@debian.org> Sun, 25 Dec 2011 16:14:04 +0100
50 roundcube (0.7-1) unstable; urgency=low
52 * New upstream version. Closes: #652564.
53 + Does not ship SWF with TinyMCE anymore.
55 -- Vincent Bernat <bernat@debian.org> Fri, 23 Dec 2011 22:04:39 +0100
57 roundcube (0.6+dfsg-1) unstable; urgency=low
59 * New upstream version. Closes: #643707.
60 + Repack to remove SWF file without source from TinyMCE.
61 + Add SQL upgrade procedures.
62 + Add new plugins: acl, enigma and newmail_notifier.
63 + Update jQuery dependency to jQuery 1.6.4.
65 -- Vincent Bernat <bernat@debian.org> Sun, 02 Oct 2011 15:20:57 +0200
67 roundcube (0.5.4+dfsg-1) unstable; urgency=high
70 * New upstream version.
71 + Fix XSS vulnerability in UI messages (Closes: #641996).
72 * Switch to Git for version control thanks to Jérémy
73 Bobbio. debian/control updated.
74 * Ship INSTALL. Closes: #633698.
77 * Re-add 'password' plugin to roundcube-plugins.
79 -- Vincent Bernat <bernat@debian.org> Wed, 13 Jul 2011 08:33:01 +0200
81 roundcube (0.5.3+dfsg-1) unstable; urgency=low
83 * New upstream release.
84 + Fix identities "reply-to" and "bcc" fields have a bogus value when
85 left empty (Closes: #628553).
87 -- Vincent Bernat <bernat@debian.org> Fri, 10 Jun 2011 22:48:57 +0200
89 roundcube (0.5.2+dfsg-1) unstable; urgency=low
91 * New upstream release
92 * Update logrotate configuration. Closes: #619410.
93 * Make debian-db.php owned by root. This really closes: #608976.
94 * Bump Standards-Version. No changes required.
96 -- Vincent Bernat <bernat@debian.org> Sun, 24 Apr 2011 00:35:34 +0200
98 roundcube (0.5.1+dfsg-7) unstable; urgency=low
100 * Make dbconfig-common use sqlite by default to ensure that the package
101 can be configured non-interactively in most cases. Closes: #617754.
103 -- Vincent Bernat <bernat@debian.org> Fri, 11 Mar 2011 09:08:32 +0100
105 roundcube (0.5.1+dfsg-6) unstable; urgency=low
107 * Handle incorrect upgrade from 0.3.1-6 when "changed" column already
108 exists for table "identities". Closes: #617312.
110 -- Vincent Bernat <bernat@debian.org> Tue, 08 Mar 2011 07:37:56 +0100
112 roundcube (0.5.1+dfsg-5) unstable; urgency=low
114 * Don't use awk. Use plain shell to modify main.inc.php.
117 -- Vincent Bernat <bernat@debian.org> Fri, 04 Mar 2011 20:46:57 +0100
119 roundcube (0.5.1+dfsg-4) unstable; urgency=low
121 * Fix debian/watch to remove "+dfsg" suffix.
122 * Use awk instead of sed to modify main.inc.php. Closes: #615277.
124 -- Vincent Bernat <bernat@debian.org> Tue, 01 Mar 2011 19:59:00 +0100
126 roundcube (0.5.1+dfsg-3) unstable; urgency=low
128 * Install show_additional_headers plugin in roundcube-plugins package.
129 * Use dbconfig-common to force some upgrade commands using some ugly
130 hacks. This should fix any remaining problems with MySQL
131 upgrade. Closes: #613586.
133 -- Vincent Bernat <bernat@debian.org> Fri, 18 Feb 2011 22:04:12 +0100
135 roundcube (0.5.1+dfsg-2) unstable; urgency=low
137 * Remove all "ADD INDEX" from MySQL 0.5-1 upgrade file and put them in
138 postinst script. If you have a problem during the upgrade, please, let
139 me know. This upload is only done to prevent users who did not upgrade
140 to 0.5 yet to have a problem during their upgrade. If you already
141 upgraded to 0.5 and if the upgrade failed (or if some feature are
142 missing like identities management), please look at bug #613586.
144 -- Vincent Bernat <bernat@debian.org> Wed, 16 Feb 2011 20:54:48 +0100
146 roundcube (0.5.1+dfsg-1) unstable; urgency=low
148 * Add plugins. Closes: #550454.
149 * Rewrite (and update) of debian/copyright.
150 * Use of yui-compressor to re-minify Javascript files.
151 * Drop correct-magic-path.patch: libmagic1 now provides a symlink to the
152 correct location since 4.24-4.
153 * Repack orig.tar.gz to remove swf file shipped with TinyMCE with no
156 -- Vincent Bernat <bernat@debian.org> Mon, 14 Feb 2011 22:33:51 +0100
158 roundcube (0.5.1-1) unstable; urgency=low
160 * New upstream version. Some bugs are corrected in this release or in a
162 + when switching to HTML mode, content type is now correctly set.
164 + header delimiters handling has been fixed in 0.5.
166 * Don't assign "skins" directory to www-data. Closes: #612552.
167 * Add instructions on how to install and upgrade when not using
168 dbconfig-common. We do not ship UPGRADING file any more since it is
169 misleading. Closes: #612511.
170 * Fix MySQL indexes if upgrading from 0.5-2 or lesser. Closes: #610725.
171 * Rework how symlinks work. The only directory to use is
172 /var/lib/roundcube. We use symlink from /usr/share/roundcube to
173 /var/lib/roundcube and not the other way. Moreover, plugins and skins
174 are also symlinked. A user should be able to add plugins and skins in
175 /var/lib/roundcube while default ones are in
176 /usr/share/roundcube. Closes: #612553.
178 -- Vincent Bernat <bernat@debian.org> Wed, 09 Feb 2011 07:32:42 +0100
180 roundcube (0.5-2) experimental; urgency=low
182 * If 0.3.1 was installed from scratch, upgrade does not work on MySQL
183 and PostgreSQL because we try to create an index which already
184 exists. With SQLite, the error is ignored, no fix needed. When using
185 PostgreSQL, fix this by dropping the index if it already
186 exists. Nothing similar seems to exist with MySQL. Therefore, just
187 don't create the index. We need to handle this later. See bug
188 #610725. Not closing.
190 -- Vincent Bernat <bernat@debian.org> Fri, 21 Jan 2011 21:44:05 +0100
192 roundcube (0.5-1) experimental; urgency=low
194 * New upstream release. Closes: #592312.
195 + Drop patches included upstream (DNS prefetching, jQuery 1.4
196 handling, email address validation, duplicate headers, incorrectly
197 formatted received headers). Adapt other patches. One of the patch
198 now correctly states to use dpkg-reconfigure roundcube-core.
200 + Update SQL commands to use to upgrade database.
201 That also closes: #602922. Unfortunately, the user may get some
202 harmless error messages because there is no way to know if
203 0.3.1 was installed from scratch or upgraded from 0.3.
204 + Update dependencies to match INSTALL file. Only exception is the
205 use of Mail_Mime 1.8.0 in place of 1.8.1 which is not available in
206 Debian. We depends on jQuery 1.4.2 because 1.4.4 is not available in
208 + All folders are correctly checked since 0.4. Closes: #552430.
209 + Also, closes: #553194 since it seems to have been fixed too.
210 + There is also the possibility to not top-quote since 0.4.
212 + Closes: #602144. Also fixed.
213 * Move .htaccess to /etc/roundcube and use a symlink (Closes: #591369).
214 * Don't let www-data overwrite debian-db.php. Closes: #608976.
215 * Bump Standards-Version. No changes required.
217 -- Vincent Bernat <bernat@debian.org> Sat, 15 Jan 2011 12:40:27 +0100
219 roundcube (0.3.1-6) unstable; urgency=low
221 * Update Arabic debconf translation, thanks to Ossama Khayat.
223 * Update Portuguese debconf translation, thanks to Christian Perrier.
225 * Add a patch to avoid duplicate boundaries in headers when adding an
226 attachment. Closes: #599586.
228 -- Vincent Bernat <bernat@debian.org> Mon, 18 Oct 2010 23:14:37 +0200
230 roundcube (0.3.1-5) unstable; urgency=low
232 * Depends on php-mail-mime 1.7.0 or more recent to handle correctly
233 'mime_param_folding' directive. Closes: #588295.
234 * Add Danish debconf translation, thanks to Joe Dalton.
236 * Add a patch to fix Received header to behave better with Spam
237 Assassin. Closes: #595204.
239 -- Vincent Bernat <bernat@debian.org> Thu, 02 Sep 2010 07:54:58 +0200
241 roundcube (0.3.1-4) unstable; urgency=low
243 * Update README.Debian to state that the variable to modify is
244 'htmleditor' instead of 'enable_htmleditor'. Thanks to Hans
245 Spaans. Closes: #575556.
246 * Add Brazilian Portuguese debconf translation, thanks to Eder
247 L. Marques. Closes: #581745.
248 * Switch default encoding to UTF-8 instead of ISO-8859-1.
250 * Add more explanations on how to install roundcube in a Debian system
251 in README.Debian. Closes: #584458, #582894.
252 * Bump Standards-Version. No changes required.
253 * Switch to 3.0 (quilt) format.
254 * Use Breaks instead of Conflicts to move files from older roundcube
257 -- Vincent Bernat <bernat@debian.org> Sat, 17 Jul 2010 17:23:30 +0200
259 roundcube (0.3.1-3) unstable; urgency=high
261 * RFC 5321, section 4.5.3.1, asks to not impose any limits on length if
262 possible. We respect this by dropping limitation of the local-part of
263 an email address. Closes: #568360, #568537.
264 * Suggests php-auth-sasl to enable use of SASL mechanisms for mail
265 servers. Closes: #567550.
266 * Disable DNS prefetching to avoid information leakage through links
267 embedded in messages. This fixes CVE-2010-0464. Closes: #569660.
268 * Bump Standards-Version. No changes required.
270 -- Vincent Bernat <bernat@debian.org> Sat, 13 Feb 2010 10:21:49 +0100
272 roundcube (0.3.1-2) unstable; urgency=low
274 * Fix VCS links in debian/control, thanks to Torsten Landschoff.
276 * Really ship NEWS.Debian.
277 * Add changesets 3170 and 3202 from upstream to handle gracefully jQuery
278 1.4. Thanks to Volker Gropp for the report. Closes: #565715.
280 -- Vincent Bernat <bernat@debian.org> Mon, 18 Jan 2010 23:11:01 +0100
282 roundcube (0.3.1-1) unstable; urgency=low
284 * New upstream release.
285 * Add a notice in NEWS.Debian about php.ini options that should be set
286 to get Roundcube working properly. Closes: #549428, #552508.
288 -- Vincent Bernat <bernat@debian.org> Sat, 07 Nov 2009 17:41:37 +0100
290 roundcube (0.3-2) unstable; urgency=low
292 * Really fix #544579 since the default value is null without
293 quotes. This really Closes: #544579.
294 * Enlarge login box to accommodate sk_SK locale. Closes: #542933.
296 -- Vincent Bernat <bernat@debian.org> Sun, 27 Sep 2009 11:26:56 +0200
298 roundcube (0.3-1) unstable; urgency=low
300 * New upstream release. Closes: #545498.
301 * Update debconf translations:
302 + Italian, thanks to Luca Monducci. Closes: #544199.
303 + Czech, thanks to Miroslav Kure. Closes: #546413.
304 * Roundcube configuration now uses 'language' instead of 'locale_string'
305 to specify the default language. Update postinst to reflect this
306 change. Thanks to Richard van den Berg for noticing this. Closes: #544579.
307 * Depends on libjs-jquery (>= 1.3) since this is now used by roundcube.
308 * Don't ship any plugins for now but ship an empty plugins directory.
309 * Ship main .htaccess since it is needed to setup correctly PHP (for
310 example, to disable PHP Suhosin cookie encryption).
311 * Bump Standards-Version. No changes required.
313 -- Vincent Bernat <bernat@debian.org> Sun, 27 Sep 2009 11:00:30 +0200
315 roundcube (0.2.2-1) unstable; urgency=low
317 * New upstream release
318 * Bump Standards-Version. No changes required.
319 * Remove *.js.src which are not needed at runtime.
320 * Don't send email contents to Google by default by using php5-pspell
321 instead. Thanks to Anand Kumria. Closes: #529563.
322 * Update debconf translations:
323 + Basque, thanks to Piarres Beobide. Closes: #534282.
325 -- Vincent Bernat <bernat@debian.org> Sun, 05 Jul 2009 09:53:17 +0200
327 roundcube (0.2.1-2) unstable; urgency=low
329 * Update debconf translations:
330 + German, thanks to Helge Kreutzmann. Closes: #520004.
331 + Japanese, thanks to Hideki Yamane. Closes: #520024.
332 + Spanish, thanks to Francisco Javier. Closes: #526696.
333 + Russian, thanks to Yuri Kozlov. Closes: #528796.
334 * Depend on php-mdb2-* (>= 1.5.0b2) since it is needed to fix some
335 bugs. Closes: #519104, #519293. Remove not needed any more patch from
336 debian/patches/series. Keep it in debian/patches to help backports.
338 -- Vincent Bernat <bernat@debian.org> Sat, 16 May 2009 15:30:17 +0200
340 roundcube (0.2.1-1) unstable; urgency=low
342 * New upstream release:
343 + Fix use_packaged_tinymce.patch to apply to this new version
344 + Remove cve-2009-0413.patch which has been applied upstream
346 -- Vincent Bernat <bernat@debian.org> Sat, 14 Mar 2009 17:42:07 +0100
348 roundcube (0.2~stable-2) unstable; urgency=low
350 * Update debconf translations:
351 + French, thanks to Christian Perrier. Closes: #515806.
352 + Swedish, thanks to Martin Bagge. Closes: #516683.
353 * Drop virtual package roundcube-db and add dependencies on real package
354 instead: this way, we can have versioned dependencies on those to avoid
355 version mismatch between packages.
356 * Add a patch to not use a MDB2 feature not present in the Debian
357 package. Thanks to Grzegorz Sobański for the patch. Closes: #519104.
359 -- Vincent Bernat <bernat@debian.org> Wed, 11 Mar 2009 18:49:32 +0100
361 roundcube (0.2~stable-1) unstable; urgency=low
363 * New upstream version. Closes: #503573, #504570.
364 + Add SQL update scripts for this new release and for
365 0.2~alpha. Remove copy of SQL upgrade script from debian/rules.
366 + Remove patch for CVE-2008-5620 which is now fixed upstream.
367 + Remove patch correcting a vulnerability in html2text.php.
368 + Remove patch fixing login issue. This is fixed upstream.
369 + Remove patch setting the default backend to db instead of mdb2:
370 this is not possible any more. We depend on php-mdb2 now.
371 + Update patch to use packaged tinymce.
372 * Upload to unstable since Lenny is out.
373 * Apply fix for XSS issue (CVE-2009-0413). Closes: #514179.
374 * Remove hack to update a SQLite table for an upgrade from a quite old
375 version of roundcube.
376 * Fix pending l10n issues:
377 + Update English debconf template. Closes: #473794.
378 + Add Swedish translation thanks to Martin Bagge. Closes: #508752.
379 * Fix debian/copyright to make lintian happy.
381 -- Vincent Bernat <bernat@debian.org> Sun, 15 Feb 2009 16:18:58 +0100
383 roundcube (0.2~alpha-4) experimental; urgency=low
385 * Add missing ${misc:Depends} to make Lintian happy.
386 * Add description to each patch.
387 * Execute cron job only if the directory to clean exists.
388 * Reload web server configuration instead of restart, thanks to a patch
389 from Tiago Bortoletto Vaz. Closes: #508633.
390 * Fix a vulnerability in quota image generation. This fixes
391 CVE-2008-5620. Thanks to Nico Golde for reporting it. Closes: #509596.
392 * Add missing dependency on php5-gd, used for quota bar.
393 * For roundcube-pgsql, depends on postgresql-client only. This package
394 is provided by the currently supported real package.
396 -- Vincent Bernat <bernat@debian.org> Thu, 25 Dec 2008 11:38:13 +0100
398 roundcube (0.2~alpha-3) experimental; urgency=high
401 * Fix a vulnerability in the use of preg_replace (Closes: #508628).
402 * Adapt descriptions of roundcube-database packages to refer them as
403 metapackages instead of virtual package (Closes: #495434).
404 * Add robots.txt from upstream, even if in some configuration, it will
405 not be considered (Closes: #499108).
406 * Do not ship .htaccess files. Restrictions are set in Apache or
407 Lighttpd configuration files (Closes: #500202).
410 * Changed versioned dependency of rouncube from binary:Version to
411 source:Version since these are all architecture independent packages.
413 -- Vincent Bernat <bernat@debian.org> Sat, 13 Dec 2008 14:36:02 +0100
415 roundcube (0.2~alpha-2) experimental; urgency=low
418 * Fix lintian warnings introduced by previous upload
419 * Fix lighttpd.conf to make it work with latest versions (Closes: #494044)
420 * Do not prepend path to lighty util in postinst and postrm, as per
421 Policy Manual section 6.1
422 * Ship a bug/control file to have all bugs submitted against roundcube
424 * Fix debian/roundcube-core.cron.daily to use
425 /etc/default/roundcube-core instead of /etc/default/roundcube which
426 should not exist any more
429 * Versioned roundcube-core dependency for roundcube
431 -- Vincent Bernat <bernat@debian.org> Sat, 16 Aug 2008 13:22:08 +0200
433 roundcube (0.2~alpha-1) experimental; urgency=low
435 * New upstream release
436 * Update debian/watch file to correctly consider those new releases
437 * Remove the following patches:
438 + messageid-headers-ordering
440 + disable-tinymce-spellchecker
441 * Update the following patches:
442 + correct_install_path
443 + use_packaged_tinymce
444 * Add a new patch to fix a login problem
445 * Depends on tinymce >= 3
447 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 14:10:44 +0200
449 roundcube (0.1.1-7) unstable; urgency=low
451 * Another fix for incorrect tinymce path. This should be the last one!
453 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:36:59 +0200
455 roundcube (0.1.1-6) unstable; urgency=low
457 * Fix use_packaged_tinymce patch which was incorrect after switch to
460 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:19:16 +0200
462 roundcube (0.1.1-5) unstable; urgency=low
464 * Fix ordering of message-id in message headers, thanks to Reinhard
465 Tartler (Closes: #486493)
466 * Update Standards-Version to 3.8.0
468 -- Vincent Bernat <bernat@debian.org> Tue, 17 Jun 2008 00:33:40 +0200
470 roundcube (0.1.1-4) unstable; urgency=low
472 * Add Slovak debconf translation, thanks to Ivan Masár (Closes: #481376)
473 * Fix debian/copyright:
474 + RoundCube is GPL-2 licensed, not GPL-2+
475 + Add an explanation on the BSD license present at the top of
476 index.php (Closes: #477119)
477 * We do not support tinymce 3, yet. Depends on tinymce2 | tinymce (<<
478 3). Closes: #481145, #483053, #482295
480 -- Vincent Bernat <bernat@debian.org> Tue, 20 May 2008 20:51:52 +0200
482 roundcube (0.1.1-3) unstable; urgency=low
484 * Fix an error introduced when fixing bug #476803. Thanks to Micah
485 Anderson for spotting it (Closes: #479775).
486 * Avoid to pop language question at every upgrade. Thanks to Ivan Vucica
487 for spotting this. The problem lied in the use of db_metaget to get
488 the value of a key set by db_subst in a previous invocation. It seems
489 this is not possible any more (Closes: #480043). The fix implies that
490 we won't ask the question again if more languages are available since
493 -- Vincent Bernat <bernat@debian.org> Thu, 08 May 2008 09:50:24 +0200
495 roundcube (0.1.1-2) unstable; urgency=low
497 * Comment by default Alias directive for tinymce in Apache configuration
498 file (Closes: #476162).
499 * Allow to preseed language value (Closes: #476803).
501 -- Vincent Bernat <bernat@luffy.cx> Sat, 19 Apr 2008 16:50:28 +0200
503 roundcube (0.1.1-1) unstable; urgency=low
505 * New upstream release
506 - Copy old SQL upgrade scripts into debian/sql to allow upgrade from
507 versions older than 0.1
508 - Patch new MySQL upgrade script to fix a typo
509 * Debconf translation updates:
510 - Spanish. Closes: #473788
511 * Depends on php-mail-mime (>= 1.5.0) and drop compatibility patch
512 * Install upstream changelog in /usr/share/doc/roundcube*
514 -- Vincent Bernat <bernat@luffy.cx> Sat, 05 Apr 2008 18:16:33 +0200
516 roundcube (0.1-4) unstable; urgency=low
518 * Debconf translation updates:
519 - French. Closes: #469802
520 - Russian. Closes: #469847
521 - Galician. Closes: #469866
522 - German. Closes: #469875
523 - Finnish. Closes: #469922
524 - Italian. Closes: #469987
525 - Czech. Closes: #470150
526 - Portuguese. Closes: #470156
527 - Spanish. Closes: #470732
528 - Basque. Closes: #470871
529 - Arabic. Closes: #471470
531 -- Vincent Bernat <bernat@luffy.cx> Sat, 08 Mar 2008 11:15:00 +0100
533 roundcube (0.1-3) unstable; urgency=low
535 * Fix problem with too old php-mail-mime package (Closes: #469814)
537 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 11:06:49 +0100
539 roundcube (0.1-2) unstable; urgency=low
541 * Ship bin/ directory as well. This fix conversion from HTML to text in
543 * Disable spellchecker for tinymce since it is not shipped with Debian
546 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 09:42:39 +0100
548 roundcube (0.1-1) unstable; urgency=low
550 * New upstream release (Closes: #469487).
551 - This release seems to fix failure to set some fields when replying,
552 with bincimap as IMAP server (Closes: #443562)
553 - It also fixes the deletion of multiple messages, still with
554 bincimap (Closes: #451404)
555 * Remove 'ob_gzhandler.patch' and 'xss-fix.patch'. They have been
557 * Upstream has switched to MDB2 database backend which is not packaged
558 in Debian yet. We switch back to old backend.
559 * Fix debian/watch to handle correctly detection of new versions.
560 * Add support for lighttpd and remove support for older version of
561 Apache. The debconf question about webserver autoconfiguration is
562 reworded (Closes: #462961).
563 * Do not depend on a specific revision of cdbs.
564 * Move po-debconf from Build-Depends-Indep to Build-Depends since it is
565 needed for clean target.
566 * Correct path to /usr/share/file/magic, provided by libmagic1. Provide
567 license information about this file in debian/copyright.
569 -- Vincent Bernat <bernat@luffy.cx> Wed, 05 Mar 2008 20:49:03 +0100
571 roundcube (0.1~rc2-6) unstable; urgency=high
573 * Bug fix: "CVE-2007-6321: Cross-site scripting (XSS) vulnerability",
574 thanks to Micah Anderson (Closes: #455840). The patch is from
575 http://lists.roundcube.net/mail-archive/dev/2007-12/0000038.html and
576 provided by Robin Elfrink. It has been modified with some functions
577 stolen from Squirrelmail.
578 * Finnish debconf template, thanks to Esko Arajärvi (Closes: #458244).
580 -- Vincent Bernat <bernat@luffy.cx> Sat, 29 Dec 2007 21:55:17 +0100
582 roundcube (0.1~rc2-5) unstable; urgency=low
584 * Deal with old /etc/logrotate.d/roundcube by removing it if left
585 untouched (Closes: #456546). Also deal with /etc/default/roundcube and
586 /etc/cron.daily/roundcube.
588 -- Vincent Bernat <bernat@luffy.cx> Tue, 18 Dec 2007 23:02:46 +0100
590 roundcube (0.1~rc2-4) unstable; urgency=low
592 * Thightened dependencies for a safe upgrade
593 * Finally removed any circular dependency, -db packages no longer pull
594 a full roundcube install
596 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:24:24 +0100
598 roundcube (0.1~rc2-3) unstable; urgency=low
601 * Bumped standard version to 3.7.3 (no changes)
603 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:19:28 +0100
605 roundcube (0.1~rc2-2) experimental; urgency=low
608 * Fix a conflict between ob_gzhandler and zlib output compression,
609 thanks to kaouete (Closes: #450482).
612 * Fix tinymce patch and inclusion
614 * Splitted virtual packages to avoid circular dependencies.
615 Uploading to experimental, as this is an important change and we may
618 -- Romain Beauxis <toots@rastageeks.org> Mon, 26 Nov 2007 11:54:21 +0100
620 roundcube (0.1~rc2-1) unstable; urgency=low
622 * New upstream, thanks to Nicolas Stransky (Closes: #447503). This
623 release support tinymce as HTML editor. Look at README.Debian for more
625 * Update Galician debconf template, thanks to Jacobo Tarrio (Closes: #447943).
627 -- Vincent Bernat <bernat@luffy.cx> Mon, 29 Oct 2007 22:08:43 +0100
629 roundcube (0.1~rc1-3) unstable; urgency=low
631 * In respect to policy 12.3, do not put main.inc.php.dist in
632 /usr/share/doc, thanks to Jonas Smedegaard (Closes: #446502).
633 * Update German and French debconf templates, thanks to Christian
634 Perrier (Closes: #446458) and Helge Kreutzmann (Closes: #446532).
636 -- Vincent Bernat <bernat@luffy.cx> Sun, 14 Oct 2007 08:41:24 +0200
638 roundcube (0.1~rc1-2) unstable; urgency=low
640 * Fix dependencies by creating virtual packages for each database
641 backend, thanks to Joey Hess (Closes: #444925).
643 -- Vincent Bernat <bernat@luffy.cx> Tue, 02 Oct 2007 20:09:19 +0200
645 roundcube (0.1~rc1-1) unstable; urgency=low
647 * New upstream release
648 * Removed non gpl file des.inc
650 -- Romain Beauxis <toots@rastageeks.org> Tue, 24 Jul 2007 13:36:20 +0200
652 roundcube (0.1~rc1~dfsg-3) unstable; urgency=low
654 * Add php5-mcrypt dependency (Closes: #431177)
656 -- Vincent Bernat <bernat@luffy.cx> Sat, 30 Jun 2007 19:36:21 +0200
658 roundcube (0.1~rc1~dfsg-2) unstable; urgency=low
660 * Removed custom unix_timestamp for sqlite: solved upstream
661 * Debconf templates and debian/control reviewed by the debian-l10n-
662 english team as part of the Smith review project.
663 Closes: #426086, #427546, #427546
664 * Debconf translation updates:
665 - Galician. Closes: #426140
666 - Basque. Closes: #426150
667 - Czech. Closes: #426428
668 - Portuguese. Closes: #426451
669 - Arabic. Closes: #427110
670 - Italian. Closes: #427206
671 - German. Closes: #427536
672 - French. Closes: #427736
673 - Tamil. Closes: #428254
674 - Russian. Closes: #428364
675 - Spanish. Closes: #428573
677 -- Romain Beauxis <toots@rastageeks.org> Tue, 05 Jun 2007 15:22:36 +0200
679 roundcube (0.1~rc1~dfsg-1) unstable; urgency=low
682 * New upstream release
683 * Update script for sqlite in postinst
685 * Fixed dh_link calls
687 * Added custom patch to use php unix timestamp support
688 with sqlite since UNIX_TIMESTAMP is not supported by sqlite.
689 * Dropped php4 dependencies
691 -- Vincent Bernat <bernat@luffy.cx> Sun, 20 May 2007 13:59:44 +0200
693 roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low
695 * Fix a security issue by disallowing access to logs.
696 * First upload to unstable.
698 -- Vincent Bernat <bernat@luffy.cx> Sat, 5 May 2007 00:23:40 +0200
700 roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low
702 * Initial release. (Closes: #333756, #344949)
704 -- Romain Beauxis <toots@rastageeks.org> Tue, 13 Mar 2007 13:28:05 +0100