From f222eb3f922fcb4abd487ba383be10eac7da2fa0 Mon Sep 17 00:00:00 2001 From: Vincent Bernat Date: Sat, 5 May 2007 00:23:40 +0200 Subject: [PATCH] Imported Debian patch 0.1~beta2.2~dfsg-2 --- debian/changelog | 7 +++++++ debian/conf/apache.conf | 7 ++++++- debian/patches/rfc2822_date.patch | 11 +++++++++++ debian/patches/series | 1 + 4 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 debian/patches/rfc2822_date.patch diff --git a/debian/changelog b/debian/changelog index 0a9d79b..e7230af 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low + + * Fix a security issue by disallowing access to logs. + * First upload to unstable. + + -- Vincent Bernat Sat, 5 May 2007 00:23:40 +0200 + roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low * Initial release. (Closes: #333756, #344949) diff --git a/debian/conf/apache.conf b/debian/conf/apache.conf index 1f5cffa..b4447d4 100644 --- a/debian/conf/apache.conf +++ b/debian/conf/apache.conf @@ -22,4 +22,9 @@ Deny from all - + + Options -FollowSymLinks + AllowOverride None + Order allow,deny + Deny from all + diff --git a/debian/patches/rfc2822_date.patch b/debian/patches/rfc2822_date.patch new file mode 100644 index 0000000..a5b63a0 --- /dev/null +++ b/debian/patches/rfc2822_date.patch @@ -0,0 +1,11 @@ +--- roundcubemail-0.1beta2/program/steps/mail/sendmail.inc~ 2006-08-01 00:51:23.000000000 +0200 ++++ roundcubemail-0.1beta2/program/steps/mail/sendmail.inc 2007-04-08 14:58:54.000000000 +0200 +@@ -107,7 +107,7 @@ + $identity_arr['string'] = $from; + + // compose headers array +-$headers = array('Date' => date('D, j M Y G:i:s O'), ++$headers = array('Date' => date('D, j M Y H:i:s O'), + 'From' => $identity_arr['string'], + 'To' => rcube_charset_convert($mailto, $input_charset, $message_charset)); + diff --git a/debian/patches/series b/debian/patches/series index d9c2b5e..a03f782 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,4 @@ dbconfig-common_support.patch correct_install_path.patch use_mcrypt.patch +rfc2822_date.patch -- 2.39.2