From: Vincent Bernat Date: Wed, 5 Mar 2008 20:15:40 +0000 (+0000) Subject: New upstream release ! X-Git-Url: https://git.donarmstrong.com/?a=commitdiff_plain;h=cfea594073314e8bc334312a1919450238a66837;p=roundcube.git New upstream release ! --- diff --git a/debian/changelog b/debian/changelog index 5e3cb7a..af3f186 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,8 +1,13 @@ -roundcube (0.1~rc2-7) UNRELEASED; urgency=low +roundcube (0.1-1) UNRELEASED; urgency=low + * New upstream release (Closes: #469487) + * Remove 'ob_gzhandler.patch' and 'xss-fix.patch'. They have been + merged upstream. + * Upstream has switched to MDB2 database backend which is not packaged + in Debian yet. We switch back to old backend. * Fix debian/watch to handle correctly detection of new versions. - -- Vincent Bernat Wed, 05 Mar 2008 20:47:02 +0100 + -- Vincent Bernat Wed, 05 Mar 2008 20:49:03 +0100 roundcube (0.1~rc2-6) unstable; urgency=high diff --git a/debian/patches/dbconfig-common_support.patch b/debian/patches/dbconfig-common_support.patch index ec4a2a8..4063b3c 100644 --- a/debian/patches/dbconfig-common_support.patch +++ b/debian/patches/dbconfig-common_support.patch @@ -6,7 +6,7 @@ -// PEAR database DSN for read/write operations -// format is db_provider://user:password@host/databse --// currently supported db_providers: mysql, sqlite +-// currently supported db_providers: mysql, mysqli, pgsql, sqlite, mssql - -$rcmail_config['db_dsnw'] = 'mysql://roundcube:pass@localhost/roundcubemail'; -// postgres example: 'pgsql://roundcube:pass@localhost/roundcubemail'; diff --git a/debian/patches/ob_gzhandler.patch b/debian/patches/ob_gzhandler.patch deleted file mode 100644 index 4b2827c..0000000 --- a/debian/patches/ob_gzhandler.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- roundcube/index.php 2007-10-29 21:56:00.000000000 +0100 -+++ roundcube/index.php 2007-11-17 09:10:54.000000000 +0100 -@@ -103,7 +103,7 @@ - if ($_action != 'get' && $_action != 'viewsource') - { - // use gzip compression if supported -- if (function_exists('ob_gzhandler') && ini_get('zlib.output_compression')) -+ if (function_exists('ob_gzhandler') && !ini_get('zlib.output_compression')) - ob_start('ob_gzhandler'); - else - ob_start(); diff --git a/debian/patches/series b/debian/patches/series index 2cdc720..ce05f9b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,5 +1,4 @@ dbconfig-common_support.patch correct_install_path.patch use_packaged_tinymce.patch -ob_gzhandler.patch -xss-fix.patch +use-db-backend.patch diff --git a/debian/patches/use-db-backend.patch b/debian/patches/use-db-backend.patch new file mode 100644 index 0000000..a32a0f4 --- /dev/null +++ b/debian/patches/use-db-backend.patch @@ -0,0 +1,11 @@ +--- roundcubemail-0.1-dep/config/db.inc.php.dist~ 2008-03-03 22:32:15.000000000 +0100 ++++ roundcubemail-0.1-dep/config/db.inc.php.dist 2008-03-05 21:07:28.000000000 +0100 +@@ -27,7 +27,7 @@ + $rcmail_config['db_dsnr'] = ''; + + // database backend to use (only db or mdb2 are supported) +-$rcmail_config['db_backend'] = 'mdb2'; ++$rcmail_config['db_backend'] = 'db'; + + // maximum length of a query in bytes + $rcmail_config['db_max_length'] = 512000; // 500K diff --git a/debian/patches/xss-fix.patch b/debian/patches/xss-fix.patch deleted file mode 100644 index 225283c..0000000 --- a/debian/patches/xss-fix.patch +++ /dev/null @@ -1,136 +0,0 @@ ---- roundcube/program/steps/mail/func.inc 2007-10-17 08:50:28.000000000 +0200 -+++ roundcube/program/steps/mail/func.inc 2008-01-22 21:59:30.000000000 +0100 -@@ -481,6 +481,124 @@ - return Q($out); - } - -+/* Stolen from Squirrelmail */ -+function sq_deent(&$attvalue, $regex, $hex=false){ -+ $ret_match = false; -+ preg_match_all($regex, $attvalue, $matches); -+ if (is_array($matches) && sizeof($matches[0]) > 0){ -+ $repl = Array(); -+ for ($i = 0; $i < sizeof($matches[0]); $i++){ -+ $numval = $matches[1][$i]; -+ if ($hex){ -+ $numval = hexdec($numval); -+ } -+ $repl{$matches[0][$i]} = chr($numval); -+ } -+ $attvalue = strtr($attvalue, $repl); -+ return true; -+ } else { -+ return false; -+ } -+} -+ -+/* Stolen verbatim from Squirrelmail */ -+function sq_defang(&$attvalue){ -+ /** -+ * Skip this if there aren't ampersands or backslashes. -+ */ -+ if (strpos($attvalue, '&') === false -+ && strpos($attvalue, '\\') === false){ -+ return; -+ } -+ $m = false; -+ do { -+ $m = false; -+ $m = $m || sq_deent($attvalue, '/\�*(\d+);*/s'); -+ $m = $m || sq_deent($attvalue, '/\�*((\d|[a-f])+);*/si', true); -+ $m = $m || sq_deent($attvalue, '/\\\\(\d+)/s', true); -+ } while ($m == true); -+ $attvalue = stripslashes($attvalue); -+} -+ -+function rcmail_html_filter($html) -+ { -+ preg_match_all('/<\/?\w+((\s+\w+(\s*=\s*(?:".*?"|\'.*?\'|[^\'">\s]+))?)+\s*|\s*)\/?>/', $html, $tags); -+ -+ /* From Squirrelmail: Translate all dangerous Unicode or Shift_JIS characters which are accepted by -+ * IE as regular characters. */ -+ $replace = array(array('ʟ', 'ʟ' ,/* L UNICODE IPA Extension */ -+ 'ʀ', 'ʀ' ,/* R UNICODE IPA Extension */ -+ 'ɴ', 'ɴ' ,/* N UNICODE IPA Extension */ -+ 'E', 'E' ,/* Unicode FULLWIDTH LATIN CAPITAL LETTER E */ -+ 'e', 'e' ,/* Unicode FULLWIDTH LATIN SMALL LETTER E */ -+ 'X', 'X',/* Unicode FULLWIDTH LATIN CAPITAL LETTER X */ -+ 'x', 'x',/* Unicode FULLWIDTH LATIN SMALL LETTER X */ -+ 'P', 'P',/* Unicode FULLWIDTH LATIN CAPITAL LETTER P */ -+ 'p', 'p',/* Unicode FULLWIDTH LATIN SMALL LETTER P */ -+ 'R', 'R',/* Unicode FULLWIDTH LATIN CAPITAL LETTER R */ -+ 'r', 'r',/* Unicode FULLWIDTH LATIN SMALL LETTER R */ -+ 'S', 'S',/* Unicode FULLWIDTH LATIN CAPITAL LETTER S */ -+ 's', 's',/* Unicode FULLWIDTH LATIN SMALL LETTER S */ -+ 'I', 'I',/* Unicode FULLWIDTH LATIN CAPITAL LETTER I */ -+ 'i', 'i',/* Unicode FULLWIDTH LATIN SMALL LETTER I */ -+ 'O', 'O',/* Unicode FULLWIDTH LATIN CAPITAL LETTER O */ -+ 'o', 'o',/* Unicode FULLWIDTH LATIN SMALL LETTER O */ -+ 'N', 'N',/* Unicode FULLWIDTH LATIN CAPITAL LETTER N */ -+ 'n', 'n',/* Unicode FULLWIDTH LATIN SMALL LETTER N */ -+ 'L', 'L',/* Unicode FULLWIDTH LATIN CAPITAL LETTER L */ -+ 'l', 'l',/* Unicode FULLWIDTH LATIN SMALL LETTER L */ -+ 'U', 'U',/* Unicode FULLWIDTH LATIN CAPITAL LETTER U */ -+ 'u', 'u',/* Unicode FULLWIDTH LATIN SMALL LETTER U */ -+ 'ⁿ', 'ⁿ' ,/* Unicode SUPERSCRIPT LATIN SMALL LETTER N */ -+ "\xEF\xBC\xA5", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER E */ -+ /* in unicode this is some Chinese char range */ -+ "\xEF\xBD\x85", /* Shift JIS FULLWIDTH LATIN SMALL LETTER E */ -+ "\xEF\xBC\xB8", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER X */ -+ "\xEF\xBD\x98", /* Shift JIS FULLWIDTH LATIN SMALL LETTER X */ -+ "\xEF\xBC\xB0", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER P */ -+ "\xEF\xBD\x90", /* Shift JIS FULLWIDTH LATIN SMALL LETTER P */ -+ "\xEF\xBC\xB2", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER R */ -+ "\xEF\xBD\x92", /* Shift JIS FULLWIDTH LATIN SMALL LETTER R */ -+ "\xEF\xBC\xB3", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER S */ -+ "\xEF\xBD\x93", /* Shift JIS FULLWIDTH LATIN SMALL LETTER S */ -+ "\xEF\xBC\xA9", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER I */ -+ "\xEF\xBD\x89", /* Shift JIS FULLWIDTH LATIN SMALL LETTER I */ -+ "\xEF\xBC\xAF", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER O */ -+ "\xEF\xBD\x8F", /* Shift JIS FULLWIDTH LATIN SMALL LETTER O */ -+ "\xEF\xBC\xAE", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER N */ -+ "\xEF\xBD\x8E", /* Shift JIS FULLWIDTH LATIN SMALL LETTER N */ -+ "\xEF\xBC\xAC", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER L */ -+ "\xEF\xBD\x8C", /* Shift JIS FULLWIDTH LATIN SMALL LETTER L */ -+ "\xEF\xBC\xB5", /* Shift JIS FULLWIDTH LATIN CAPITAL LETTER U */ -+ "\xEF\xBD\x95", /* Shift JIS FULLWIDTH LATIN SMALL LETTER U */ -+ "\xE2\x81\xBF", /* Shift JIS FULLWIDTH SUPERSCRIPT N */ -+ "\xCA\x9F", /* L UNICODE IPA Extension */ -+ "\xCA\x80", /* R UNICODE IPA Extension */ -+ "\xC9\xB4"), /* N UNICODE IPA Extension */ -+ array('l', 'l', 'r', 'r', 'n', 'n', 'E', 'E', 'e', 'e', 'X', 'X', 'x', 'x', -+ 'P', 'P', 'p', 'p', 'R', 'R', 'r', 'r', 'S', 'S', 's', 's', 'I', 'I', -+ 'i', 'i', 'O', 'O', 'o', 'o', 'N', 'N', 'n', 'n', 'L', 'L', 'l', 'l', -+ 'U', 'U', 'u', 'u', 'n', 'n', 'E', 'e', 'X', 'x', 'P', 'p', 'R', 'r', -+ 'S', 's', 'I', 'i', 'O', 'o', 'N', 'n', 'L', 'l', 'U', 'u', 'n', 'l', 'r', 'n')); -+ if ((count($tags)>3) && (count($tags[3])>0)) -+ foreach ($tags[3] as $nr=>$value) -+ { -+ /* Remove comments */ -+ $newvalue = preg_replace('/(\/\*.*\*\/)/','$2',$value); -+ /* Translate dangerous characters */ -+ $newvalue = str_replace($replace[0], $replace[1], $newvalue); -+ sq_defang($newvalue); -+ /* Rename dangerous CSS */ -+ $newvalue = preg_replace('/expression/i', 'idiocy', $newvalue); -+ $newvalue = preg_replace('/url/i', 'idiocy', $newvalue); -+ $newattrs = preg_replace('/'.preg_quote($value, '/').'$/', $newvalue, $tags[1][$nr]); -+ $newtag = preg_replace('/'.preg_quote($tags[1][$nr], '/').'/', $newattrs, $tags[0][$nr]); -+ $html = preg_replace('/'.preg_quote($tags[0][$nr], '/').'/', $newtag, $html); -+ } -+ -+ return $html; -+ } -+ - - function rcmail_print_body($part, $safe=FALSE, $plain=FALSE) - { -@@ -533,7 +651,7 @@ - $body = preg_replace($remote_patterns, $remote_replaces, $body); - } - -- return Q($body, 'show', FALSE); -+ return Q(rcmail_html_filter($body), 'show', FALSE); - } - - // text/enriched