1 roundcube (0.7.2-2) UNRELEASED; urgency=low
3 * Rotate /var/log/roundcube/session. Closes: #671472.
5 -- Vincent Bernat <bernat@debian.org> Fri, 04 May 2012 18:58:34 +0200
7 roundcube (0.7.2-1) unstable; urgency=low
9 * New upstream version.
10 * Bump Standards-Version. No changes required.
11 * Depends on php-mail-mime (>= 1.8.2). Closes: #656243.
13 -- Vincent Bernat <bernat@debian.org> Sat, 28 Apr 2012 10:29:15 +0200
15 roundcube (0.7.1-2) unstable; urgency=high
17 * Remove roundcube-sqlite package since php5 package does not ship
18 SQLite 2.x support anymore. Roundcube is incompatible with SQLite 3.x.
20 * Urgency set to high for php5 migration into testing.
22 -- Vincent Bernat <bernat@debian.org> Tue, 07 Feb 2012 17:37:52 +0100
24 roundcube (0.7.1-1) unstable; urgency=low
26 * New upstream version. Closes: #656093.
27 * Add Dutch debconf translation, thanks to Jeroen Schot.
30 -- Vincent Bernat <bernat@debian.org> Tue, 17 Jan 2012 08:57:11 +0100
32 roundcube (0.7-3) unstable; urgency=low
34 * Ship jqueryui plugin. Closes: #653274.
35 + Depend on libjs-jquery-ui package (instead of builtin copy).
36 + Conflict with versions of roundcube-plugins-extra providing this
38 * More SQL fixes on update. Closes: #654297.
40 -- Vincent Bernat <bernat@debian.org> Mon, 02 Jan 2012 21:45:42 +0100
42 roundcube (0.7-2) unstable; urgency=low
44 * Fix SQLite upgrade file. Closes: #653217.
45 * Also fixes MySQL upgrade file and SQLite regular file.
47 -- Vincent Bernat <bernat@debian.org> Sun, 25 Dec 2011 16:14:04 +0100
49 roundcube (0.7-1) unstable; urgency=low
51 * New upstream version. Closes: #652564.
52 + Does not ship SWF with TinyMCE anymore.
54 -- Vincent Bernat <bernat@debian.org> Fri, 23 Dec 2011 22:04:39 +0100
56 roundcube (0.6+dfsg-1) unstable; urgency=low
58 * New upstream version. Closes: #643707.
59 + Repack to remove SWF file without source from TinyMCE.
60 + Add SQL upgrade procedures.
61 + Add new plugins: acl, enigma and newmail_notifier.
62 + Update jQuery dependency to jQuery 1.6.4.
64 -- Vincent Bernat <bernat@debian.org> Sun, 02 Oct 2011 15:20:57 +0200
66 roundcube (0.5.4+dfsg-1) unstable; urgency=high
69 * New upstream version.
70 + Fix XSS vulnerability in UI messages (Closes: #641996).
71 * Switch to Git for version control thanks to Jérémy
72 Bobbio. debian/control updated.
73 * Ship INSTALL. Closes: #633698.
76 * Re-add 'password' plugin to roundcube-plugins.
78 -- Vincent Bernat <bernat@debian.org> Wed, 13 Jul 2011 08:33:01 +0200
80 roundcube (0.5.3+dfsg-1) unstable; urgency=low
82 * New upstream release.
83 + Fix identities "reply-to" and "bcc" fields have a bogus value when
84 left empty (Closes: #628553).
86 -- Vincent Bernat <bernat@debian.org> Fri, 10 Jun 2011 22:48:57 +0200
88 roundcube (0.5.2+dfsg-1) unstable; urgency=low
90 * New upstream release
91 * Update logrotate configuration. Closes: #619410.
92 * Make debian-db.php owned by root. This really closes: #608976.
93 * Bump Standards-Version. No changes required.
95 -- Vincent Bernat <bernat@debian.org> Sun, 24 Apr 2011 00:35:34 +0200
97 roundcube (0.5.1+dfsg-7) unstable; urgency=low
99 * Make dbconfig-common use sqlite by default to ensure that the package
100 can be configured non-interactively in most cases. Closes: #617754.
102 -- Vincent Bernat <bernat@debian.org> Fri, 11 Mar 2011 09:08:32 +0100
104 roundcube (0.5.1+dfsg-6) unstable; urgency=low
106 * Handle incorrect upgrade from 0.3.1-6 when "changed" column already
107 exists for table "identities". Closes: #617312.
109 -- Vincent Bernat <bernat@debian.org> Tue, 08 Mar 2011 07:37:56 +0100
111 roundcube (0.5.1+dfsg-5) unstable; urgency=low
113 * Don't use awk. Use plain shell to modify main.inc.php.
116 -- Vincent Bernat <bernat@debian.org> Fri, 04 Mar 2011 20:46:57 +0100
118 roundcube (0.5.1+dfsg-4) unstable; urgency=low
120 * Fix debian/watch to remove "+dfsg" suffix.
121 * Use awk instead of sed to modify main.inc.php. Closes: #615277.
123 -- Vincent Bernat <bernat@debian.org> Tue, 01 Mar 2011 19:59:00 +0100
125 roundcube (0.5.1+dfsg-3) unstable; urgency=low
127 * Install show_additional_headers plugin in roundcube-plugins package.
128 * Use dbconfig-common to force some upgrade commands using some ugly
129 hacks. This should fix any remaining problems with MySQL
130 upgrade. Closes: #613586.
132 -- Vincent Bernat <bernat@debian.org> Fri, 18 Feb 2011 22:04:12 +0100
134 roundcube (0.5.1+dfsg-2) unstable; urgency=low
136 * Remove all "ADD INDEX" from MySQL 0.5-1 upgrade file and put them in
137 postinst script. If you have a problem during the upgrade, please, let
138 me know. This upload is only done to prevent users who did not upgrade
139 to 0.5 yet to have a problem during their upgrade. If you already
140 upgraded to 0.5 and if the upgrade failed (or if some feature are
141 missing like identities management), please look at bug #613586.
143 -- Vincent Bernat <bernat@debian.org> Wed, 16 Feb 2011 20:54:48 +0100
145 roundcube (0.5.1+dfsg-1) unstable; urgency=low
147 * Add plugins. Closes: #550454.
148 * Rewrite (and update) of debian/copyright.
149 * Use of yui-compressor to re-minify Javascript files.
150 * Drop correct-magic-path.patch: libmagic1 now provides a symlink to the
151 correct location since 4.24-4.
152 * Repack orig.tar.gz to remove swf file shipped with TinyMCE with no
155 -- Vincent Bernat <bernat@debian.org> Mon, 14 Feb 2011 22:33:51 +0100
157 roundcube (0.5.1-1) unstable; urgency=low
159 * New upstream version. Some bugs are corrected in this release or in a
161 + when switching to HTML mode, content type is now correctly set.
163 + header delimiters handling has been fixed in 0.5.
165 * Don't assign "skins" directory to www-data. Closes: #612552.
166 * Add instructions on how to install and upgrade when not using
167 dbconfig-common. We do not ship UPGRADING file any more since it is
168 misleading. Closes: #612511.
169 * Fix MySQL indexes if upgrading from 0.5-2 or lesser. Closes: #610725.
170 * Rework how symlinks work. The only directory to use is
171 /var/lib/roundcube. We use symlink from /usr/share/roundcube to
172 /var/lib/roundcube and not the other way. Moreover, plugins and skins
173 are also symlinked. A user should be able to add plugins and skins in
174 /var/lib/roundcube while default ones are in
175 /usr/share/roundcube. Closes: #612553.
177 -- Vincent Bernat <bernat@debian.org> Wed, 09 Feb 2011 07:32:42 +0100
179 roundcube (0.5-2) experimental; urgency=low
181 * If 0.3.1 was installed from scratch, upgrade does not work on MySQL
182 and PostgreSQL because we try to create an index which already
183 exists. With SQLite, the error is ignored, no fix needed. When using
184 PostgreSQL, fix this by dropping the index if it already
185 exists. Nothing similar seems to exist with MySQL. Therefore, just
186 don't create the index. We need to handle this later. See bug
187 #610725. Not closing.
189 -- Vincent Bernat <bernat@debian.org> Fri, 21 Jan 2011 21:44:05 +0100
191 roundcube (0.5-1) experimental; urgency=low
193 * New upstream release. Closes: #592312.
194 + Drop patches included upstream (DNS prefetching, jQuery 1.4
195 handling, email address validation, duplicate headers, incorrectly
196 formatted received headers). Adapt other patches. One of the patch
197 now correctly states to use dpkg-reconfigure roundcube-core.
199 + Update SQL commands to use to upgrade database.
200 That also closes: #602922. Unfortunately, the user may get some
201 harmless error messages because there is no way to know if
202 0.3.1 was installed from scratch or upgraded from 0.3.
203 + Update dependencies to match INSTALL file. Only exception is the
204 use of Mail_Mime 1.8.0 in place of 1.8.1 which is not available in
205 Debian. We depends on jQuery 1.4.2 because 1.4.4 is not available in
207 + All folders are correctly checked since 0.4. Closes: #552430.
208 + Also, closes: #553194 since it seems to have been fixed too.
209 + There is also the possibility to not top-quote since 0.4.
211 + Closes: #602144. Also fixed.
212 * Move .htaccess to /etc/roundcube and use a symlink (Closes: #591369).
213 * Don't let www-data overwrite debian-db.php. Closes: #608976.
214 * Bump Standards-Version. No changes required.
216 -- Vincent Bernat <bernat@debian.org> Sat, 15 Jan 2011 12:40:27 +0100
218 roundcube (0.3.1-6) unstable; urgency=low
220 * Update Arabic debconf translation, thanks to Ossama Khayat.
222 * Update Portuguese debconf translation, thanks to Christian Perrier.
224 * Add a patch to avoid duplicate boundaries in headers when adding an
225 attachment. Closes: #599586.
227 -- Vincent Bernat <bernat@debian.org> Mon, 18 Oct 2010 23:14:37 +0200
229 roundcube (0.3.1-5) unstable; urgency=low
231 * Depends on php-mail-mime 1.7.0 or more recent to handle correctly
232 'mime_param_folding' directive. Closes: #588295.
233 * Add Danish debconf translation, thanks to Joe Dalton.
235 * Add a patch to fix Received header to behave better with Spam
236 Assassin. Closes: #595204.
238 -- Vincent Bernat <bernat@debian.org> Thu, 02 Sep 2010 07:54:58 +0200
240 roundcube (0.3.1-4) unstable; urgency=low
242 * Update README.Debian to state that the variable to modify is
243 'htmleditor' instead of 'enable_htmleditor'. Thanks to Hans
244 Spaans. Closes: #575556.
245 * Add Brazilian Portuguese debconf translation, thanks to Eder
246 L. Marques. Closes: #581745.
247 * Switch default encoding to UTF-8 instead of ISO-8859-1.
249 * Add more explanations on how to install roundcube in a Debian system
250 in README.Debian. Closes: #584458, #582894.
251 * Bump Standards-Version. No changes required.
252 * Switch to 3.0 (quilt) format.
253 * Use Breaks instead of Conflicts to move files from older roundcube
256 -- Vincent Bernat <bernat@debian.org> Sat, 17 Jul 2010 17:23:30 +0200
258 roundcube (0.3.1-3) unstable; urgency=high
260 * RFC 5321, section 4.5.3.1, asks to not impose any limits on length if
261 possible. We respect this by dropping limitation of the local-part of
262 an email address. Closes: #568360, #568537.
263 * Suggests php-auth-sasl to enable use of SASL mechanisms for mail
264 servers. Closes: #567550.
265 * Disable DNS prefetching to avoid information leakage through links
266 embedded in messages. This fixes CVE-2010-0464. Closes: #569660.
267 * Bump Standards-Version. No changes required.
269 -- Vincent Bernat <bernat@debian.org> Sat, 13 Feb 2010 10:21:49 +0100
271 roundcube (0.3.1-2) unstable; urgency=low
273 * Fix VCS links in debian/control, thanks to Torsten Landschoff.
275 * Really ship NEWS.Debian.
276 * Add changesets 3170 and 3202 from upstream to handle gracefully jQuery
277 1.4. Thanks to Volker Gropp for the report. Closes: #565715.
279 -- Vincent Bernat <bernat@debian.org> Mon, 18 Jan 2010 23:11:01 +0100
281 roundcube (0.3.1-1) unstable; urgency=low
283 * New upstream release.
284 * Add a notice in NEWS.Debian about php.ini options that should be set
285 to get Roundcube working properly. Closes: #549428, #552508.
287 -- Vincent Bernat <bernat@debian.org> Sat, 07 Nov 2009 17:41:37 +0100
289 roundcube (0.3-2) unstable; urgency=low
291 * Really fix #544579 since the default value is null without
292 quotes. This really Closes: #544579.
293 * Enlarge login box to accommodate sk_SK locale. Closes: #542933.
295 -- Vincent Bernat <bernat@debian.org> Sun, 27 Sep 2009 11:26:56 +0200
297 roundcube (0.3-1) unstable; urgency=low
299 * New upstream release. Closes: #545498.
300 * Update debconf translations:
301 + Italian, thanks to Luca Monducci. Closes: #544199.
302 + Czech, thanks to Miroslav Kure. Closes: #546413.
303 * Roundcube configuration now uses 'language' instead of 'locale_string'
304 to specify the default language. Update postinst to reflect this
305 change. Thanks to Richard van den Berg for noticing this. Closes: #544579.
306 * Depends on libjs-jquery (>= 1.3) since this is now used by roundcube.
307 * Don't ship any plugins for now but ship an empty plugins directory.
308 * Ship main .htaccess since it is needed to setup correctly PHP (for
309 example, to disable PHP Suhosin cookie encryption).
310 * Bump Standards-Version. No changes required.
312 -- Vincent Bernat <bernat@debian.org> Sun, 27 Sep 2009 11:00:30 +0200
314 roundcube (0.2.2-1) unstable; urgency=low
316 * New upstream release
317 * Bump Standards-Version. No changes required.
318 * Remove *.js.src which are not needed at runtime.
319 * Don't send email contents to Google by default by using php5-pspell
320 instead. Thanks to Anand Kumria. Closes: #529563.
321 * Update debconf translations:
322 + Basque, thanks to Piarres Beobide. Closes: #534282.
324 -- Vincent Bernat <bernat@debian.org> Sun, 05 Jul 2009 09:53:17 +0200
326 roundcube (0.2.1-2) unstable; urgency=low
328 * Update debconf translations:
329 + German, thanks to Helge Kreutzmann. Closes: #520004.
330 + Japanese, thanks to Hideki Yamane. Closes: #520024.
331 + Spanish, thanks to Francisco Javier. Closes: #526696.
332 + Russian, thanks to Yuri Kozlov. Closes: #528796.
333 * Depend on php-mdb2-* (>= 1.5.0b2) since it is needed to fix some
334 bugs. Closes: #519104, #519293. Remove not needed any more patch from
335 debian/patches/series. Keep it in debian/patches to help backports.
337 -- Vincent Bernat <bernat@debian.org> Sat, 16 May 2009 15:30:17 +0200
339 roundcube (0.2.1-1) unstable; urgency=low
341 * New upstream release:
342 + Fix use_packaged_tinymce.patch to apply to this new version
343 + Remove cve-2009-0413.patch which has been applied upstream
345 -- Vincent Bernat <bernat@debian.org> Sat, 14 Mar 2009 17:42:07 +0100
347 roundcube (0.2~stable-2) unstable; urgency=low
349 * Update debconf translations:
350 + French, thanks to Christian Perrier. Closes: #515806.
351 + Swedish, thanks to Martin Bagge. Closes: #516683.
352 * Drop virtual package roundcube-db and add dependencies on real package
353 instead: this way, we can have versioned dependencies on those to avoid
354 version mismatch between packages.
355 * Add a patch to not use a MDB2 feature not present in the Debian
356 package. Thanks to Grzegorz Sobański for the patch. Closes: #519104.
358 -- Vincent Bernat <bernat@debian.org> Wed, 11 Mar 2009 18:49:32 +0100
360 roundcube (0.2~stable-1) unstable; urgency=low
362 * New upstream version. Closes: #503573, #504570.
363 + Add SQL update scripts for this new release and for
364 0.2~alpha. Remove copy of SQL upgrade script from debian/rules.
365 + Remove patch for CVE-2008-5620 which is now fixed upstream.
366 + Remove patch correcting a vulnerability in html2text.php.
367 + Remove patch fixing login issue. This is fixed upstream.
368 + Remove patch setting the default backend to db instead of mdb2:
369 this is not possible any more. We depend on php-mdb2 now.
370 + Update patch to use packaged tinymce.
371 * Upload to unstable since Lenny is out.
372 * Apply fix for XSS issue (CVE-2009-0413). Closes: #514179.
373 * Remove hack to update a SQLite table for an upgrade from a quite old
374 version of roundcube.
375 * Fix pending l10n issues:
376 + Update English debconf template. Closes: #473794.
377 + Add Swedish translation thanks to Martin Bagge. Closes: #508752.
378 * Fix debian/copyright to make lintian happy.
380 -- Vincent Bernat <bernat@debian.org> Sun, 15 Feb 2009 16:18:58 +0100
382 roundcube (0.2~alpha-4) experimental; urgency=low
384 * Add missing ${misc:Depends} to make Lintian happy.
385 * Add description to each patch.
386 * Execute cron job only if the directory to clean exists.
387 * Reload web server configuration instead of restart, thanks to a patch
388 from Tiago Bortoletto Vaz. Closes: #508633.
389 * Fix a vulnerability in quota image generation. This fixes
390 CVE-2008-5620. Thanks to Nico Golde for reporting it. Closes: #509596.
391 * Add missing dependency on php5-gd, used for quota bar.
392 * For roundcube-pgsql, depends on postgresql-client only. This package
393 is provided by the currently supported real package.
395 -- Vincent Bernat <bernat@debian.org> Thu, 25 Dec 2008 11:38:13 +0100
397 roundcube (0.2~alpha-3) experimental; urgency=high
400 * Fix a vulnerability in the use of preg_replace (Closes: #508628).
401 * Adapt descriptions of roundcube-database packages to refer them as
402 metapackages instead of virtual package (Closes: #495434).
403 * Add robots.txt from upstream, even if in some configuration, it will
404 not be considered (Closes: #499108).
405 * Do not ship .htaccess files. Restrictions are set in Apache or
406 Lighttpd configuration files (Closes: #500202).
409 * Changed versioned dependency of rouncube from binary:Version to
410 source:Version since these are all architecture independent packages.
412 -- Vincent Bernat <bernat@debian.org> Sat, 13 Dec 2008 14:36:02 +0100
414 roundcube (0.2~alpha-2) experimental; urgency=low
417 * Fix lintian warnings introduced by previous upload
418 * Fix lighttpd.conf to make it work with latest versions (Closes: #494044)
419 * Do not prepend path to lighty util in postinst and postrm, as per
420 Policy Manual section 6.1
421 * Ship a bug/control file to have all bugs submitted against roundcube
423 * Fix debian/roundcube-core.cron.daily to use
424 /etc/default/roundcube-core instead of /etc/default/roundcube which
425 should not exist any more
428 * Versioned roundcube-core dependency for roundcube
430 -- Vincent Bernat <bernat@debian.org> Sat, 16 Aug 2008 13:22:08 +0200
432 roundcube (0.2~alpha-1) experimental; urgency=low
434 * New upstream release
435 * Update debian/watch file to correctly consider those new releases
436 * Remove the following patches:
437 + messageid-headers-ordering
439 + disable-tinymce-spellchecker
440 * Update the following patches:
441 + correct_install_path
442 + use_packaged_tinymce
443 * Add a new patch to fix a login problem
444 * Depends on tinymce >= 3
446 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 14:10:44 +0200
448 roundcube (0.1.1-7) unstable; urgency=low
450 * Another fix for incorrect tinymce path. This should be the last one!
452 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:36:59 +0200
454 roundcube (0.1.1-6) unstable; urgency=low
456 * Fix use_packaged_tinymce patch which was incorrect after switch to
459 -- Vincent Bernat <bernat@debian.org> Sun, 22 Jun 2008 12:19:16 +0200
461 roundcube (0.1.1-5) unstable; urgency=low
463 * Fix ordering of message-id in message headers, thanks to Reinhard
464 Tartler (Closes: #486493)
465 * Update Standards-Version to 3.8.0
467 -- Vincent Bernat <bernat@debian.org> Tue, 17 Jun 2008 00:33:40 +0200
469 roundcube (0.1.1-4) unstable; urgency=low
471 * Add Slovak debconf translation, thanks to Ivan Masár (Closes: #481376)
472 * Fix debian/copyright:
473 + RoundCube is GPL-2 licensed, not GPL-2+
474 + Add an explanation on the BSD license present at the top of
475 index.php (Closes: #477119)
476 * We do not support tinymce 3, yet. Depends on tinymce2 | tinymce (<<
477 3). Closes: #481145, #483053, #482295
479 -- Vincent Bernat <bernat@debian.org> Tue, 20 May 2008 20:51:52 +0200
481 roundcube (0.1.1-3) unstable; urgency=low
483 * Fix an error introduced when fixing bug #476803. Thanks to Micah
484 Anderson for spotting it (Closes: #479775).
485 * Avoid to pop language question at every upgrade. Thanks to Ivan Vucica
486 for spotting this. The problem lied in the use of db_metaget to get
487 the value of a key set by db_subst in a previous invocation. It seems
488 this is not possible any more (Closes: #480043). The fix implies that
489 we won't ask the question again if more languages are available since
492 -- Vincent Bernat <bernat@debian.org> Thu, 08 May 2008 09:50:24 +0200
494 roundcube (0.1.1-2) unstable; urgency=low
496 * Comment by default Alias directive for tinymce in Apache configuration
497 file (Closes: #476162).
498 * Allow to preseed language value (Closes: #476803).
500 -- Vincent Bernat <bernat@luffy.cx> Sat, 19 Apr 2008 16:50:28 +0200
502 roundcube (0.1.1-1) unstable; urgency=low
504 * New upstream release
505 - Copy old SQL upgrade scripts into debian/sql to allow upgrade from
506 versions older than 0.1
507 - Patch new MySQL upgrade script to fix a typo
508 * Debconf translation updates:
509 - Spanish. Closes: #473788
510 * Depends on php-mail-mime (>= 1.5.0) and drop compatibility patch
511 * Install upstream changelog in /usr/share/doc/roundcube*
513 -- Vincent Bernat <bernat@luffy.cx> Sat, 05 Apr 2008 18:16:33 +0200
515 roundcube (0.1-4) unstable; urgency=low
517 * Debconf translation updates:
518 - French. Closes: #469802
519 - Russian. Closes: #469847
520 - Galician. Closes: #469866
521 - German. Closes: #469875
522 - Finnish. Closes: #469922
523 - Italian. Closes: #469987
524 - Czech. Closes: #470150
525 - Portuguese. Closes: #470156
526 - Spanish. Closes: #470732
527 - Basque. Closes: #470871
528 - Arabic. Closes: #471470
530 -- Vincent Bernat <bernat@luffy.cx> Sat, 08 Mar 2008 11:15:00 +0100
532 roundcube (0.1-3) unstable; urgency=low
534 * Fix problem with too old php-mail-mime package (Closes: #469814)
536 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 11:06:49 +0100
538 roundcube (0.1-2) unstable; urgency=low
540 * Ship bin/ directory as well. This fix conversion from HTML to text in
542 * Disable spellchecker for tinymce since it is not shipped with Debian
545 -- Vincent Bernat <bernat@luffy.cx> Fri, 07 Mar 2008 09:42:39 +0100
547 roundcube (0.1-1) unstable; urgency=low
549 * New upstream release (Closes: #469487).
550 - This release seems to fix failure to set some fields when replying,
551 with bincimap as IMAP server (Closes: #443562)
552 - It also fixes the deletion of multiple messages, still with
553 bincimap (Closes: #451404)
554 * Remove 'ob_gzhandler.patch' and 'xss-fix.patch'. They have been
556 * Upstream has switched to MDB2 database backend which is not packaged
557 in Debian yet. We switch back to old backend.
558 * Fix debian/watch to handle correctly detection of new versions.
559 * Add support for lighttpd and remove support for older version of
560 Apache. The debconf question about webserver autoconfiguration is
561 reworded (Closes: #462961).
562 * Do not depend on a specific revision of cdbs.
563 * Move po-debconf from Build-Depends-Indep to Build-Depends since it is
564 needed for clean target.
565 * Correct path to /usr/share/file/magic, provided by libmagic1. Provide
566 license information about this file in debian/copyright.
568 -- Vincent Bernat <bernat@luffy.cx> Wed, 05 Mar 2008 20:49:03 +0100
570 roundcube (0.1~rc2-6) unstable; urgency=high
572 * Bug fix: "CVE-2007-6321: Cross-site scripting (XSS) vulnerability",
573 thanks to Micah Anderson (Closes: #455840). The patch is from
574 http://lists.roundcube.net/mail-archive/dev/2007-12/0000038.html and
575 provided by Robin Elfrink. It has been modified with some functions
576 stolen from Squirrelmail.
577 * Finnish debconf template, thanks to Esko Arajärvi (Closes: #458244).
579 -- Vincent Bernat <bernat@luffy.cx> Sat, 29 Dec 2007 21:55:17 +0100
581 roundcube (0.1~rc2-5) unstable; urgency=low
583 * Deal with old /etc/logrotate.d/roundcube by removing it if left
584 untouched (Closes: #456546). Also deal with /etc/default/roundcube and
585 /etc/cron.daily/roundcube.
587 -- Vincent Bernat <bernat@luffy.cx> Tue, 18 Dec 2007 23:02:46 +0100
589 roundcube (0.1~rc2-4) unstable; urgency=low
591 * Thightened dependencies for a safe upgrade
592 * Finally removed any circular dependency, -db packages no longer pull
593 a full roundcube install
595 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:24:24 +0100
597 roundcube (0.1~rc2-3) unstable; urgency=low
600 * Bumped standard version to 3.7.3 (no changes)
602 -- Romain Beauxis <toots@rastageeks.org> Sun, 09 Dec 2007 14:19:28 +0100
604 roundcube (0.1~rc2-2) experimental; urgency=low
607 * Fix a conflict between ob_gzhandler and zlib output compression,
608 thanks to kaouete (Closes: #450482).
611 * Fix tinymce patch and inclusion
613 * Splitted virtual packages to avoid circular dependencies.
614 Uploading to experimental, as this is an important change and we may
617 -- Romain Beauxis <toots@rastageeks.org> Mon, 26 Nov 2007 11:54:21 +0100
619 roundcube (0.1~rc2-1) unstable; urgency=low
621 * New upstream, thanks to Nicolas Stransky (Closes: #447503). This
622 release support tinymce as HTML editor. Look at README.Debian for more
624 * Update Galician debconf template, thanks to Jacobo Tarrio (Closes: #447943).
626 -- Vincent Bernat <bernat@luffy.cx> Mon, 29 Oct 2007 22:08:43 +0100
628 roundcube (0.1~rc1-3) unstable; urgency=low
630 * In respect to policy 12.3, do not put main.inc.php.dist in
631 /usr/share/doc, thanks to Jonas Smedegaard (Closes: #446502).
632 * Update German and French debconf templates, thanks to Christian
633 Perrier (Closes: #446458) and Helge Kreutzmann (Closes: #446532).
635 -- Vincent Bernat <bernat@luffy.cx> Sun, 14 Oct 2007 08:41:24 +0200
637 roundcube (0.1~rc1-2) unstable; urgency=low
639 * Fix dependencies by creating virtual packages for each database
640 backend, thanks to Joey Hess (Closes: #444925).
642 -- Vincent Bernat <bernat@luffy.cx> Tue, 02 Oct 2007 20:09:19 +0200
644 roundcube (0.1~rc1-1) unstable; urgency=low
646 * New upstream release
647 * Removed non gpl file des.inc
649 -- Romain Beauxis <toots@rastageeks.org> Tue, 24 Jul 2007 13:36:20 +0200
651 roundcube (0.1~rc1~dfsg-3) unstable; urgency=low
653 * Add php5-mcrypt dependency (Closes: #431177)
655 -- Vincent Bernat <bernat@luffy.cx> Sat, 30 Jun 2007 19:36:21 +0200
657 roundcube (0.1~rc1~dfsg-2) unstable; urgency=low
659 * Removed custom unix_timestamp for sqlite: solved upstream
660 * Debconf templates and debian/control reviewed by the debian-l10n-
661 english team as part of the Smith review project.
662 Closes: #426086, #427546, #427546
663 * Debconf translation updates:
664 - Galician. Closes: #426140
665 - Basque. Closes: #426150
666 - Czech. Closes: #426428
667 - Portuguese. Closes: #426451
668 - Arabic. Closes: #427110
669 - Italian. Closes: #427206
670 - German. Closes: #427536
671 - French. Closes: #427736
672 - Tamil. Closes: #428254
673 - Russian. Closes: #428364
674 - Spanish. Closes: #428573
676 -- Romain Beauxis <toots@rastageeks.org> Tue, 05 Jun 2007 15:22:36 +0200
678 roundcube (0.1~rc1~dfsg-1) unstable; urgency=low
681 * New upstream release
682 * Update script for sqlite in postinst
684 * Fixed dh_link calls
686 * Added custom patch to use php unix timestamp support
687 with sqlite since UNIX_TIMESTAMP is not supported by sqlite.
688 * Dropped php4 dependencies
690 -- Vincent Bernat <bernat@luffy.cx> Sun, 20 May 2007 13:59:44 +0200
692 roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low
694 * Fix a security issue by disallowing access to logs.
695 * First upload to unstable.
697 -- Vincent Bernat <bernat@luffy.cx> Sat, 5 May 2007 00:23:40 +0200
699 roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low
701 * Initial release. (Closes: #333756, #344949)
703 -- Romain Beauxis <toots@rastageeks.org> Tue, 13 Mar 2007 13:28:05 +0100