summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'mail-client/roundcube')
-rw-r--r--mail-client/roundcube/ChangeLog7
-rw-r--r--mail-client/roundcube/files/roundcube-0.3.1-disable-dns-prefetching.patch40
-rw-r--r--mail-client/roundcube/roundcube-0.3.1-r1.ebuild69
-rw-r--r--mail-client/roundcube/roundcube-0.3.1.ebuild66
4 files changed, 6 insertions, 176 deletions
diff --git a/mail-client/roundcube/ChangeLog b/mail-client/roundcube/ChangeLog
index 0d4f7a60b3be..0c4692c050c2 100644
--- a/mail-client/roundcube/ChangeLog
+++ b/mail-client/roundcube/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for mail-client/roundcube
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/mail-client/roundcube/ChangeLog,v 1.32 2010/10/10 20:51:04 maekke Exp $
+# $Header: /var/cvsroot/gentoo-x86/mail-client/roundcube/ChangeLog,v 1.33 2010/10/11 00:55:50 radhermit Exp $
+
+ 11 Oct 2010; Tim Harder <radhermit@gentoo.org> -roundcube-0.3.1.ebuild,
+ -roundcube-0.3.1-r1.ebuild,
+ -files/roundcube-0.3.1-disable-dns-prefetching.patch:
+ Remove old versions with security issues (bug #308065).
10 Oct 2010; Markus Meier <maekke@gentoo.org> roundcube-0.4.ebuild:
arm stable, bug #308065
diff --git a/mail-client/roundcube/files/roundcube-0.3.1-disable-dns-prefetching.patch b/mail-client/roundcube/files/roundcube-0.3.1-disable-dns-prefetching.patch
deleted file mode 100644
index 0ec3c77b706e..000000000000
--- a/mail-client/roundcube/files/roundcube-0.3.1-disable-dns-prefetching.patch
+++ /dev/null
@@ -1,40 +0,0 @@
---- roundcubemail-0.3.1.orig/CHANGELOG 2009-10-31 08:20:02.000000000 -0500
-+++ roundcubemail-0.3.1/CHANGELOG 2010-09-27 23:58:39.540056153 -0500
-@@ -1,6 +1,7 @@
- CHANGELOG RoundCube Webmail
- ===========================
-
-+- Fix CVE-2010-0464: Disable DNS prefetching (#1486449)
- - Specify toolbar container in compose template (#1486247)
- - Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243)
- - Avoid unnecessary page loads for selected tab (#1486032)
---- roundcubemail-0.3.1.orig/program/include/rcube_shared.inc 2009-10-27 04:43:39.000000000 -0500
-+++ roundcubemail-0.3.1/program/include/rcube_shared.inc 2010-09-27 23:58:39.541053001 -0500
-@@ -39,6 +39,8 @@
- header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
- header("Cache-Control: private, must-revalidate, post-check=0, pre-check=0");
- header("Pragma: no-cache");
-+ // Request browser to disable DNS prefetching (CVE-2010-0464)
-+ header("X-DNS-Prefetch-Control: off");
-
- // We need to set the following headers to make downloads work using IE in HTTPS mode.
- if (rcube_https_check()) {
---- roundcubemail-0.3.1.orig/program/steps/mail/get.inc 2009-09-22 02:50:32.000000000 -0500
-+++ roundcubemail-0.3.1/program/steps/mail/get.inc 2010-09-28 00:00:16.001053823 -0500
-@@ -41,6 +41,7 @@
- $MESSAGE = new rcube_message(get_input_value('_uid', RCUBE_INPUT_GET));
- }
-
-+send_nocacheing_headers();
-
- // show part page
- if (!empty($_GET['_frame'])) {
-@@ -66,8 +67,6 @@
-
- $browser = new rcube_browser;
-
-- send_nocacheing_headers();
--
- // send download headers
- if ($_GET['_download']) {
- header("Content-Type: application/octet-stream");
diff --git a/mail-client/roundcube/roundcube-0.3.1-r1.ebuild b/mail-client/roundcube/roundcube-0.3.1-r1.ebuild
deleted file mode 100644
index 778d8b875ed5..000000000000
--- a/mail-client/roundcube/roundcube-0.3.1-r1.ebuild
+++ /dev/null
@@ -1,69 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/mail-client/roundcube/roundcube-0.3.1-r1.ebuild,v 1.1 2010/09/28 05:30:26 radhermit Exp $
-
-EAPI="2"
-
-MY_PN="${PN}mail"
-MY_P="${MY_PN}-${PV}"
-
-inherit webapp depend.php depend.apache
-
-DESCRIPTION="A browser-based multilingual IMAP client with an application-like user interface"
-HOMEPAGE="http://roundcube.net"
-SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tar.gz"
-
-# roundcube is GPL-licensed, the rest of the licenses here are
-# for bundled PEAR components, googiespell and utf8.class.php
-LICENSE="GPL-2 BSD PHP-2.02 PHP-3 MIT public-domain"
-KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86"
-IUSE="ldap mysql postgres ssl spell"
-
-DEPEND=""
-RDEPEND="|| ( <dev-lang/php-5.3[crypt,iconv,ldap?,pcre,postgres?,session,spl,ssl?,unicode]
- >=dev-lang/php-5.3[crypt,iconv,ldap?,postgres?,session,ssl?,unicode] )
- !postgres? ( !mysql? ( dev-lang/php[sqlite] ) )
- spell? ( dev-lang/php[curl,spell] )
- dev-php/PEAR-PEAR"
-
-need_httpd_cgi
-need_php_httpd
-
-S=${WORKDIR}/${MY_P}
-
-pkg_setup() {
- use mysql && require_php_with_any_use mysql mysqli
-
- # add some warnings about optional functionality
- if ! PHPCHECKNODIE="yes" require_php_with_any_use gd gd-external; then
- ewarn "IMAP quota display will not work correctly without GD support in PHP."
- ewarn "Recompile PHP with either gd or gd-external in USE if you want this feature."
- ewarn
- fi
-
- webapp_pkg_setup
-}
-
-src_prepare() {
- epatch "${FILESDIR}"/${P}-disable-dns-prefetching.patch
-
- cp config/db.inc.php{.dist,}
- cp config/main.inc.php{.dist,}
-}
-
-src_install () {
- webapp_src_preinst
- dodoc CHANGELOG INSTALL README UPGRADING
-
- insinto "${MY_HTDOCSDIR}"
- doins -r [[:lower:]]* SQL
- doins .htaccess
-
- webapp_serverowned "${MY_HTDOCSDIR}"/logs
- webapp_serverowned "${MY_HTDOCSDIR}"/temp
-
- webapp_configfile "${MY_HTDOCSDIR}"/config/{db,main}.inc.php
- webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
- webapp_postupgrade_txt en UPGRADING
- webapp_src_install
-}
diff --git a/mail-client/roundcube/roundcube-0.3.1.ebuild b/mail-client/roundcube/roundcube-0.3.1.ebuild
deleted file mode 100644
index 0452ca747622..000000000000
--- a/mail-client/roundcube/roundcube-0.3.1.ebuild
+++ /dev/null
@@ -1,66 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/mail-client/roundcube/roundcube-0.3.1.ebuild,v 1.11 2010/08/12 08:09:16 a3li Exp $
-
-EAPI="2"
-
-MY_PN="${PN}mail"
-MY_P="${MY_PN}-${PV}"
-
-inherit webapp depend.php depend.apache
-
-DESCRIPTION="A browser-based multilingual IMAP client with an application-like user interface"
-HOMEPAGE="http://roundcube.net"
-SRC_URI="mirror://sourceforge/${MY_PN}/${MY_P}.tar.gz"
-
-# roundcube is GPL-licensed, the rest of the licenses here are
-# for bundled PEAR components, googiespell and utf8.class.php
-LICENSE="GPL-2 BSD PHP-2.02 PHP-3 MIT public-domain"
-KEYWORDS="amd64 arm ppc ppc64 ~sparc x86"
-IUSE="ldap mysql postgres ssl spell"
-
-DEPEND=""
-RDEPEND="dev-lang/php[crypt,iconv,ldap?,pcre,postgres?,session,spl,ssl?,unicode]
- !postgres? ( !mysql? ( dev-lang/php[sqlite] ) )
- spell? ( dev-lang/php[curl,spell] )
- dev-php/PEAR-PEAR
-"
-
-need_httpd_cgi
-need_php_httpd
-
-S=${WORKDIR}/${MY_P}
-
-pkg_setup() {
- use mysql && require_php_with_any_use mysql mysqli
-
- # add some warnings about optional functionality
- if ! PHPCHECKNODIE="yes" require_php_with_any_use gd gd-external; then
- ewarn "IMAP quota display will not work correctly without GD support in PHP."
- ewarn "Recompile PHP with either gd or gd-external in USE if you want this feature."
- ewarn
- fi
-
- webapp_pkg_setup
-}
-
-src_prepare() {
- mv config/db.inc.php{.dist,}
- mv config/main.inc.php{.dist,}
-}
-
-src_install () {
- webapp_src_preinst
- dodoc CHANGELOG INSTALL README UPGRADING
-
- insinto "${MY_HTDOCSDIR}"
- doins -r [[:lower:]]* SQL
-
- webapp_serverowned "${MY_HTDOCSDIR}"/logs
- webapp_serverowned "${MY_HTDOCSDIR}"/temp
-
- webapp_configfile "${MY_HTDOCSDIR}"/config/{db,main}.inc.php
- webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt
- webapp_postupgrade_txt en UPGRADING
- webapp_src_install
-}