From f222eb3f922fcb4abd487ba383be10eac7da2fa0 Mon Sep 17 00:00:00 2001
From: Vincent Bernat <bernat@luffy.cx>
Date: Sat, 5 May 2007 00:23:40 +0200
Subject: [PATCH] Imported Debian patch 0.1~beta2.2~dfsg-2

---
 debian/changelog                  |  7 +++++++
 debian/conf/apache.conf           |  7 ++++++-
 debian/patches/rfc2822_date.patch | 11 +++++++++++
 debian/patches/series             |  1 +
 4 files changed, 25 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/rfc2822_date.patch

diff --git a/debian/changelog b/debian/changelog
index 0a9d79b..e7230af 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low
+
+  * Fix a security issue by disallowing access to logs.
+  * First upload to unstable.
+
+ -- Vincent Bernat <bernat@luffy.cx>  Sat,  5 May 2007 00:23:40 +0200
+
 roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low
 
   * Initial release. (Closes: #333756, #344949)
diff --git a/debian/conf/apache.conf b/debian/conf/apache.conf
index 1f5cffa..b4447d4 100644
--- a/debian/conf/apache.conf
+++ b/debian/conf/apache.conf
@@ -22,4 +22,9 @@
 	Deny from all
 </Directory>
 
-
+<Directory /var/lib/roundcube/logs>
+        Options -FollowSymLinks
+        AllowOverride None
+	Order allow,deny
+	Deny from all
+</Directory>
diff --git a/debian/patches/rfc2822_date.patch b/debian/patches/rfc2822_date.patch
new file mode 100644
index 0000000..a5b63a0
--- /dev/null
+++ b/debian/patches/rfc2822_date.patch
@@ -0,0 +1,11 @@
+--- roundcubemail-0.1beta2/program/steps/mail/sendmail.inc~	2006-08-01 00:51:23.000000000 +0200
++++ roundcubemail-0.1beta2/program/steps/mail/sendmail.inc	2007-04-08 14:58:54.000000000 +0200
+@@ -107,7 +107,7 @@
+   $identity_arr['string'] = $from;
+ 
+ // compose headers array
+-$headers = array('Date' => date('D, j M Y G:i:s O'),
++$headers = array('Date' => date('D, j M Y H:i:s O'),
+                  'From' => $identity_arr['string'],
+                  'To'   => rcube_charset_convert($mailto, $input_charset, $message_charset));
+ 
diff --git a/debian/patches/series b/debian/patches/series
index d9c2b5e..a03f782 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 dbconfig-common_support.patch
 correct_install_path.patch
 use_mcrypt.patch
+rfc2822_date.patch
-- 
2.39.5