+roundcube (0.3-3) unstable; urgency=low
+
+ * Starting from Roundcube 0.3, an incompatibility with Suhosin session
+ encryption is present. This can be resolved by tuning php.ini for
+ Roundcube with the "suhosin.session.encrypt" set to "Off".
+
+ We ship a .htaccess in /var/lib/roundcube to disable this
+ option. However, this only works with a webserver like Apache with
+ mod_php. If you are using a webserver with PHP configured as a *CGI
+ process, you need to tune the php.ini for this process: either turn of
+ globally Suhosin session encryption in /etc/php5/conf.d/suhosin or you
+ can provide your own php.ini to php5-cgi with "-c" option.
+
+ -- Vincent Bernat <bernat@debian.org> Mon, 02 Nov 2009 19:48:22 +0100
+