+roundcube (0.2~alpha-3) experimental; urgency=high
+
+ [ Vincent Bernat ]
+ * Fix a vulnerability in the use of preg_replace (Closes: #508628).
+ * Adapt descriptions of roundcube-database packages to refer them as
+ metapackages instead of virtual package (Closes: #495434).
+ * Add robots.txt from upstream, even if in some configuration, it will
+ not be considered (Closes: #499108).
+ * Do not ship .htaccess files. Restrictions are set in Apache or
+ Lighttpd configuration files (Closes: #500202).
+
+ [ Romain Beauxis ]
+ * Changed versioned dependency of rouncube from binary:Version to
+ source:Version since these are all architecture independent packages.
+
+ -- Vincent Bernat <bernat@debian.org> Sat, 13 Dec 2008 14:36:02 +0100
+
roundcube (0.2~alpha-2) experimental; urgency=low
[ Vincent Bernat ]
The user interface is fully skinnable using XHTML and CSS 2.
.
This package provides the core code for roundcube. You should install
- it along with one of the roundcube database virtual packages.
+ it along with one of the roundcube database metapackages.
Package: roundcube
Architecture: all
-Depends: roundcube-sqlite | roundcube-db, roundcube-core (= ${binary:Version})
+Depends: roundcube-sqlite | roundcube-db, roundcube-core (= ${source:Version})
Description: skinnable AJAX based webmail solution for IMAP servers
RoundCube Webmail is a browser-based multilingual IMAP client with an
application-like user interface. It provides full functionality
Depends: php5-mysql, mysql-client | virtual-mysql-client
Suggests: mysql-server
Provides: roundcube-db
-Description: virtual package providing MySQL dependencies for RoundCube
+Description: metapackage providing MySQL dependencies for RoundCube
This package provides MySQL dependencies for RoundCube Webmail, a
skinnable AJAX based webmail solution for IMAP servers. Install this
one if you want to use a MySQL database with RoundCube.
Depends: php5-pgsql, postgresql-client-8.1 | postgresql-client
Suggests: postgresql-server
Provides: roundcube-db
-Description: virtual package providing PostgreSQL dependencies for RoundCube
+Description: metapackage providing PostgreSQL dependencies for RoundCube
This package provides PostgreSQL dependencies for RoundCube Webmail,
a skinnable AJAX based webmail solution for IMAP servers. Install
this one if you want to use a PostgreSQL database with RoundCube.
Architecture: all
Depends: php5-sqlite, sqlite
Provides: roundcube-db
-Description: virtual package providing sqlite dependencies for RoundCube
+Description: metapackage providing sqlite dependencies for RoundCube
This package provides sqlite dependencies for RoundCube Webmail, a
skinnable AJAX based webmail solution for IMAP servers. Install this
one if you want to use a sqlite database with RoundCube.
The user interface is fully skinnable using XHTML and CSS 2.
.
This package provides the core code for roundcube. You should install
- it along with one of the roundcube database virtual packages.
+ it along with one of the roundcube database metapackages.
Package: roundcube
Architecture: all
-Depends: roundcube-sqlite | roundcube-db, roundcube-core (= ${binary:Version})
+Depends: roundcube-sqlite | roundcube-db, roundcube-core (= ${source:Version})
Description: skinnable AJAX based webmail solution for IMAP servers
RoundCube Webmail is a browser-based multilingual IMAP client with an
application-like user interface. It provides full functionality
Depends: php5-mysql, mysql-client | virtual-mysql-client
Suggests: mysql-server
Provides: roundcube-db
-Description: virtual package providing MySQL dependencies for RoundCube
+Description: metapackage providing MySQL dependencies for RoundCube
This package provides MySQL dependencies for RoundCube Webmail, a
skinnable AJAX based webmail solution for IMAP servers. Install this
one if you want to use a MySQL database with RoundCube.
Depends: php5-pgsql, postgresql-client-8.1 | postgresql-client
Suggests: postgresql-server
Provides: roundcube-db
-Description: virtual package providing PostgreSQL dependencies for RoundCube
+Description: metapackage providing PostgreSQL dependencies for RoundCube
This package provides PostgreSQL dependencies for RoundCube Webmail,
a skinnable AJAX based webmail solution for IMAP servers. Install
this one if you want to use a PostgreSQL database with RoundCube.
Architecture: all
Depends: php5-sqlite, sqlite
Provides: roundcube-db
-Description: virtual package providing sqlite dependencies for RoundCube
+Description: metapackage providing sqlite dependencies for RoundCube
This package provides sqlite dependencies for RoundCube Webmail, a
skinnable AJAX based webmail solution for IMAP servers. Install this
one if you want to use a sqlite database with RoundCube.
--- /dev/null
+--- roundcube-0.2~alpha/program/lib/html2text.php 2008-04-12 15:54:45.000000000 +0200
++++ roundcube-0.2~alpha/program/lib/html2text.php 2008-12-13 14:21:44.000000000 +0100
+@@ -99,6 +99,22 @@
+ */
+ var $width = 70;
+
++ /**
++ * List of preg* regular expression patterns to search for
++ * and replace using callback function.
++ *
++ * @var array $callback_search
++ * @access public
++ */
++ var $callback_search = array(
++ '/<(h)[123456][^>]*>(.*?)<\/h[123456]>/i', // H1 - H3
++ '/<(b)[^>]*>(.*?)<\/b>/i', // <b>
++ '/<(strong)[^>]*>(.*?)<\/strong>/i', // <strong>
++ '/<(a) [^>]*href=("|\')([^"\']+)\2[^>]*>(.*?)<\/a>/i',
++ // <a href="">
++ '/<(th)[^>]*>(.*?)<\/th>/i', // <th> and </th>
++ );
++
+ /**
+ * List of preg* regular expression patterns to search for,
+ * used in conjunction with $replace.
+@@ -112,12 +128,8 @@
+ "/[\n\t]+/", // Newlines and tabs
+ '/<script[^>]*>.*?<\/script>/i', // <script>s -- which strip_tags supposedly has problems with
+ //'/<!-- .* -->/', // Comments -- which strip_tags might have problem a with
+- '/<a [^>]*href=("|\')([^"\']+)\1[^>]*>(.+?)<\/a>/ie', // <a href="">
+- '/<h[123][^>]*>(.+?)<\/h[123]>/ie', // H1 - H3
+- '/<h[456][^>]*>(.+?)<\/h[456]>/ie', // H4 - H6
+ '/<p[^>]*>/i', // <P>
+ '/<br[^>]*>/i', // <br>
+- '/<b[^>]*>(.+?)<\/b>/ie', // <b>
+ '/<i[^>]*>(.+?)<\/i>/i', // <i>
+ '/(<ul[^>]*>|<\/ul>)/i', // <ul> and </ul>
+ '/(<ol[^>]*>|<\/ol>)/i', // <ol> and </ol>
+@@ -126,7 +138,6 @@
+ '/(<table[^>]*>|<\/table>)/i', // <table> and </table>
+ '/(<tr[^>]*>|<\/tr>)/i', // <tr> and </tr>
+ '/<td[^>]*>(.+?)<\/td>/i', // <td> and </td>
+- '/<th[^>]*>(.+?)<\/th>/ie', // <th> and </th>
+ '/ /i',
+ '/"/i',
+ '/>/i',
+@@ -161,12 +172,8 @@
+ ' ', // Newlines and tabs
+ '', // <script>s -- which strip_tags supposedly has problems with
+ //'', // Comments -- which strip_tags might have problem a with
+- '$this->_build_link_list("\\2", "\\3")', // <a href="">
+- "strtoupper(\"\n\n\\1\n\n\")", // H1 - H3
+- "ucwords(\"\n\n\\1\n\")", // H4 - H6
+ "\n\n", // <P>
+ "\n", // <br>
+- 'strtoupper("\\1")', // <b>
+ '_\\1_', // <i>
+ "\n\n", // <ul> and </ul>
+ "\n\n", // <ol> and </ol>
+@@ -175,7 +182,6 @@
+ "\n\n", // <table> and </table>
+ "\n", // <tr> and </tr>
+ "\t\t\\1\n", // <td> and </td>
+- "strtoupper(\"\t\t\\1\n\")", // <th> and </th>
+ ' ',
+ '"',
+ '>',
+@@ -379,6 +385,7 @@
+
+ // Run our defined search-and-replace
+ $text = preg_replace($this->search, $this->replace, $text);
++ $text = preg_replace_callback($this->callback_search, array('html2text', '_preg_callback'), $text);
+
+ // Strip any other HTML tags
+ $text = strip_tags($text, $this->allowed_tags);
+@@ -446,6 +453,44 @@
+
+ return $display . ' [' . ($index+1) . ']';
+ }
++
++ /**
++ * Callback function for preg_replace_callback use.
++ *
++ * @param array PREG matches
++ * @return string
++ * @access private
++ */
++ function _preg_callback($matches)
++ {
++ switch($matches[1])
++ {
++ case 'b':
++ case 'strong':
++ return $this->_strtoupper($matches[2]);
++ case 'hr':
++ return $this->_strtoupper("\t\t". $matches[2] ."\n");
++ case 'h':
++ return $this->_strtoupper("\n\n". $matches[2] ."\n\n");
++ case 'a':
++ return $this->_build_link_list($matches[3], $matches[4]);
++ }
++ }
++
++ /**
++ * Strtoupper multibyte wrapper function
++ *
++ * @param string
++ * @return string
++ * @access private
++ */
++ function _strtoupper($str)
++ {
++ if (function_exists('mb_strtoupper'))
++ return mb_strtoupper($str);
++ else
++ return strtoupper($str);
++ }
+ }
+
+ ?>
+\ Pas de fin de ligne à la fin du fichier.
use-db-backend.patch
correct-magic-path.patch
fix_login.patch
+dont-use-preg-e-option.patch
-index.php program/ bin/ usr/share/roundcube
+robots.txt index.php program/ bin/ usr/share/roundcube
skins temp var/lib/roundcube
debian/conf/* etc/roundcube
# Remove useless file
rm $(CURDIR)/debian/roundcube-core/usr/share/roundcube/bin/*.sh
find $(CURDIR)/debian/roundcube-core -name '._*' -print0 | xargs -r0 rm
+ find $(CURDIR)/debian/roundcube-core -name '.htaccess' -print0 | xargs -r0 rm
# Remove files shipped in tinymce package
rm -rf $(CURDIR)/debian/roundcube-core/usr/share/roundcube/program/js/tiny_mce
dh_link -proundcube-core usr/share/tinymce/www usr/share/roundcube/program/js/tiny_mce
projects / roundcube.git / commitdiff