]> git.donarmstrong.com Git - roundcube.git/commitdiff
projects / roundcube.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6810daf)
Imported Debian patch 0.1~beta2.2~dfsg-2
authorVincent Bernat <bernat@luffy.cx>
Fri, 4 May 2007 22:23:40 +0000 (00:23 +0200)
committerJérémy Bobbio <lunar@debian.org>
Sat, 18 Jun 2011 15:59:49 +0000 (17:59 +0200)
debian/changelog patch | blob | history
debian/conf/apache.conf patch | blob | history
debian/patches/rfc2822_date.patch [new file with mode: 0644] patch | blob
debian/patches/series patch | blob | history

diff --git a/debian/changelog b/debian/changelog
index 0a9d79b184a207b42f647a4f54d5f4d650d96611..e7230af51d16d8169ff908df06ff4a0f6ff0b36e 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+roundcube (0.1~beta2.2~dfsg-2) unstable; urgency=low
+
+  * Fix a security issue by disallowing access to logs.
+  * First upload to unstable.
+
+ -- Vincent Bernat <bernat@luffy.cx>  Sat,  5 May 2007 00:23:40 +0200
+
 roundcube (0.1~beta2.2~dfsg-1) experimental; urgency=low
 
   * Initial release. (Closes: #333756, #344949)
diff --git a/debian/conf/apache.conf b/debian/conf/apache.conf
index 1f5cffa74945d9cd16fde5c69c89d534c4ddd000..b4447d47866d39b7bc7b7dd9f720de12eb900740 100644 (file)
--- a/debian/conf/apache.conf
+++ b/debian/conf/apache.conf
@@ -22,4 +22,9 @@
        Deny from all
 </Directory>
 
-
+<Directory /var/lib/roundcube/logs>
+        Options -FollowSymLinks
+        AllowOverride None
+       Order allow,deny
+       Deny from all
+</Directory>
diff --git a/debian/patches/rfc2822_date.patch b/debian/patches/rfc2822_date.patch
new file mode 100644 (file)
index 0000000..a5b63a0
--- /dev/null
+++ b/debian/patches/rfc2822_date.patch
@@ -0,0 +1,11 @@
+--- roundcubemail-0.1beta2/program/steps/mail/sendmail.inc~    2006-08-01 00:51:23.000000000 +0200
++++ roundcubemail-0.1beta2/program/steps/mail/sendmail.inc     2007-04-08 14:58:54.000000000 +0200
+@@ -107,7 +107,7 @@
+   $identity_arr['string'] = $from;
+ // compose headers array
+-$headers = array('Date' => date('D, j M Y G:i:s O'),
++$headers = array('Date' => date('D, j M Y H:i:s O'),
+                  'From' => $identity_arr['string'],
+                  'To'   => rcube_charset_convert($mailto, $input_charset, $message_charset));
diff --git a/debian/patches/series b/debian/patches/series
index d9c2b5e56c3fba7d3deddf888f0649d7c59210c2..a03f782d5a872b066711cf8cc967a15d14083996 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 dbconfig-common_support.patch
 correct_install_path.patch
 use_mcrypt.patch
+rfc2822_date.patch
Roundcube Debian Packaging