Up to [cvs.NetBSD.org] / pkgsrc / mail / roundcube-plugin-password
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
*: recursive bump for perl 5.40
mail/roundcube: update to 1.6.3 From release announce: We just published a security update to the version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerability: Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar. See the full changelog in the release notes in the release notes on the Github download page. We strongly recommend to update all productive installations of Roundcube 1.6.x with this new version. 1.6.3 (2023-09-15) * Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051) * Update jQuery-UI to version 1.13.2 (#9041) * Fix regression that broke use_secure_urls feature (#9052) * Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953) * Fix bug where a duplicate `<title>` tag in HTML email could cause some parts being cut off (#9029) * Fix bug where a list of folders could have been sorted incorrectly (#9057) * Fix regression where LDAP addressbook 'filter' option was ignored (#9061) * Fix wrong order of a multi-folder search result when sorting by size (#9065) * Fix so install/update scripts do not require PEAR (#9037) * Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096) * Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097) * Fix PHP8 deprecation warning in the reconnect plugin (#9083) * Fix "Show source" on mobile with x_frame_options = deny (#9084) * Fix various PHP warnings (#9098) * Fix deprecated use of ldap_connect() in password's ldap_simple driver (#9060) * Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages
*: recursive bump for Python 3.11 as new default
*: recursive bump for perl 5.38
mail/roundcube: update to 1.5.3 1.5.3 (2022-06-26) * Enigma: Fix initial synchronization of private keys * Enigma: Fix double quoted-printable encoding of pgp-signed messages with no attachments (#8413) * Fix various PHP8 warnings (#8392) * Fix mail headers injection via the subject field on mail compose (#8404) * Fix bug where small message/rfc822 parts could not be decoded (#8408) * Fix setting HTML mode on reply/forward of a signed message (#8405) * Fix handling of RFC2231-encoded attachment names inside of a message/rfc822 part (#8418) * Fix bug where some mail parts (images) could have not be listed as attachments (#8425) * Fix bug where attachment icons were stuck at the top of the messages list in Safari (#8433) * Fix handling of message/rfc822 parts that are small and are multipart structures with a single part (#8458) * Fix bug where session could time out if DB and PHP timezone were different (#8303) * Fix bug where DSN flag state wasn't stored with a draft (#8371) * Fix broken encoding of HTML content encapsulated in a RTF attachment (#8444) * Fix problem with aria-hidden=true on toolbar menus in the Elastic skin (#8517) * Fix bug where title tag content was displayed in the body if it contained HTML tags (#8540) * Fix support for DSN specification without host e.g. pgsql:///dbname (#8558)
*: Revbump packages that use Python at runtime without a PKGNAME prefix
*: recursive bump for perl 5.36
mail/roundcube: update to 1.5.0 1.5.0 (2021-10-17) Quote from release announce: We proudly announce the final release of the next major version 1.5 of Roundcube webmail. With this milestone we introduce new features and full PHP 8.0 support. The most noteworthy additions are: - Dark mode for Elastic skin - OAuth2/XOauth support (with plugin hooks) - Collected recipients and trusted senders - Moving recipients between inputs with drag & drop - Full unicode support with MySQL database - Support of IMAP LITERAL- extension RFC 7888 <https://datatracker.ietf.org/doc/html/rfc7888> - Support of RFC 2231 <https://datatracker.ietf.org/doc/html/rfc2231> encoded names - Cache refactoring
roundcube: use PKG_SYSCONFDIR for plug-in configuration files This moves the configuration files for Roundcube plug-ins to $PKG_SYSCONFDIR, where they should belong instead of $RC_DIR/$PLUGIN_DIR. This works without any further patches, because Roundcube falls back to RCUBE_CONFIG_DIR.'/'.$this->ID . '.inc.php' for plug-ins basically. Bumps PKGREVISION for the plug-ins using ../../mail/roundcube/plugins.mk (enigma, password, and zipdownload). Tested on NetBSD/amd64. OK taca@
*: recursive bump for perl 5.34
mail/roundcube: update to 1.4.10 Update roundcube to 1.4.10, including security fix. RELEASE 1.4.10 -------------- - Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655) - Fix folder list issue whan special folder is a subfolder (#7647) - Fix Elastic's folder subscription toggle in search result (#7653) - Fix state of subscription toggle on folders list after changing folder state from the search result (#7653) - Security: Fix cross-site scripting (XSS) via HTML or Plain text messages with malicious content [CVE-2020-35730]
Revbump packages with a runtime Python dep but no version prefix. For the Python 3.8 default switch.
mail/roundcube-plugin-password: reset PKGREVISION Reset PKGREVSION with updating to 1.4.9.
*: bump PKGREVISION for perl-5.32.
Pullup ticket #6185 - requested by taca mail/roundcube: security fix Revisions pulled up: - mail/roundcube-plugin-password/Makefile 1.9 - mail/roundcube-plugin-password/distinfo 1.17 - mail/roundcube/Makefile.common 1.17 - mail/roundcube/PLIST 1.48 - mail/roundcube/distinfo 1.68 --- Module Name: pkgsrc Committed By: taca Date: Thu Apr 30 07:09:34 UTC 2020 Modified Files: pkgsrc/mail/roundcube: Makefile.common PLIST distinfo Log Message: mail/roundcube: update to 1.4.4 Update roundcube, roundcube-plugin-enigma and roundcube-plugin-zipdownload to 1.4.4. This includes security fixes.. RELEASE 1.4.4 ------------- - Fix bug where attachments with Content-Id were attached to the message on reply (#7122) - Fix identity selection on reply when both sender and recipient addresses are included in identities (#7211) - Elastic: Fix text selection with Shift+PageUp and Shift+PageDown in plain text editor when using Chrome (#7230) - Elastic: Fix recipient input bug when using click to select a contact from autocomplete list (#7231) - Elastic: Fix color of a folder with recent messages (#7281) - Elastic: Restrict logo size in print view (#7275) - Fix invalid Content-Type for messages with only html part and inline images - Mail_Mime-1.10.7 (#7261) - Fix missing contact display name in QR Code data (#7257) - Fix so button label in Select image/media dialogs is "Close" not "Cancel" (#7246) - Fix regression in testing database schema on MSSQL (#7227) - Fix cursor position after inserting a group to a recipient input using autocompletion (#7267) - Fix string literals handling in IMAP STATUS (and various other) responses (#7290) - Fix bug where multiple images in a message were replaced by the first one on forward/reply/edit (#7293) - Fix handling keyservers configured with protocol prefix (#7295) - Markasjunk: Fix marking as spam/ham on moving messages with Move menu (#7189) - Markasjunk: Fix bug where moving to Junk was failing on messages selected with Select > All (#7206) - Fix so imap error message is displayed to the user on folder create/update (#7245) - Fix bug where a special folder couldn't be created if a special-use flag is not supported (#7147) - Mailvelope: Fix bug where recipients with name were not handled properly in mail compose (#7312) - Fix characters encoding in group rename input after group creation/rename (#7330) - Fix bug where some message/rfc822 parts could not be attached on forward (#7323) - Make install-jsdeps.sh script working without the 'file' program installed (#7325) - Fix performance issue of parsing big HTML messages by disabling HTML5 parser for these (#7331) - Fix so Print button for PDF attachments works on Firefox >= 75 (#5125) - Security: Fix XSS issue in handling of CDATA in HTML messages - Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings - Security: Fix local file inclusion (and code execution) via crafted 'plugins' option - Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302) RELEASE 1.4.3 ------------- - Enigma: Fix so key list selection is reset when opening key creation form (#7154) - Enigma: Fix so using list checkbox selection does not load the key preview frame - Enigma: Fix generation of key pairs for identities with IDN domains (#7181) - Enigma: Display IDN domains of key users and identities in UTF8 - Enigma: Fix bug where "Send unencrypted" button didn't work in Elastic skin (#7205) - Managesieve: Fix bug where it wasn't possible to save flag actions (#7188) - Markasjunk: Fix bug where marking as spam/ham didn't work on moving messages with drag-and-drop (#7137) - Elastic: Fix disappearing sidebar in mail compose after clicking Mail button - Elastic: Fix incorrect aria-disabled attribute on Mail taskmenu button in mail compose - Elastic: Fix bug where it was possible to switch editor mode when 'htmleditor' was in 'dont_override' (#7143) - Elastic: Fix text selection in recipient inputs (#7129) - Elastic: Fix missing Close button in "more recipients" dialog - Elastic: Fix non-working folder subscription checkbox for newly added folders (#7174) - Fix regression where "Open in new window" action didn't work (#7155) - Fix PHP Warning: array_filter() expects parameter 1 to be array, null given in subscriptions_option plugin (#7165) - Fix unexpected error message when mail refresh involves folder auto-unsubscribe (#6923) - Fix recipient duplicates in print-view when the recipient list has been expanded (#7169) - Fix bug where files in skins/ directory were listed on skins list (#7180) - Fix bug where message parts with no Content-Disposition header and no name were not listed on attachments list (#7117) - Fix display issues with mail subject that contains line-breaks (#7191) - Fix invalid Content-Transfer-Encoding on multipart messages - Mail_Mime fix (#7170) - Fix regression where using an absolute path to SQLite database file on Windows didn't work (#7196) - Fix using unix:///path/to/socket.file in memcached driver (#7210) --- Module Name: pkgsrc Committed By: taca Date: Thu Apr 30 07:11:16 UTC 2020 Modified Files: pkgsrc/mail/roundcube-plugin-password: Makefile distinfo Log Message: mail/roundcube-plugin-password: update to 1.4.4 Update roundcube-plugin-password to 1.4.4. pkgsrc change: add dependecy to lang/tcl-expect. RELEASE 1.4.3 ------------- - Password: Make chpass-wrapper.py Python 3 compatible (#7135)
Pullup ticket #6182 - requested by taca mail/roundcube-plugin-password: bugfix Revisions pulled up: - mail/roundcube-plugin-password/Makefile 1.8 - mail/roundcube-plugin-password/distinfo 1.16 - mail/roundcube-plugin-password/patches/patch-plugins_password_helpers_passwd-expect 1.1 - mail/roundcube/distinfo 1.67 - mail/roundcube/patches/patch-plugins_password_helpers_passwd-expect deleted --- Module Name: pkgsrc Committed By: taca Date: Sun Apr 26 08:48:24 UTC 2020 Modified Files: pkgsrc/mail/roundcube: distinfo pkgsrc/mail/roundcube-plugin-password: Makefile Added Files: pkgsrc/mail/roundcube-plugin-password: distinfo pkgsrc/mail/roundcube-plugin-password/patches: patch-plugins_password_helpers_passwd-expect Removed Files: pkgsrc/mail/roundcube/patches: patch-plugins_password_helpers_passwd-expect Log Message: mail/roundcube-plugin-password: fix runtime problem Fix roundcube-plugin-password. * Patch for roundcube-plugin-password had not been applied accidently. * More changes were required to make it work on *BSD system. Bump PKGREVISION.
mail/roundcube-plugin-password: update to 1.4.4 Update roundcube-plugin-password to 1.4.4. pkgsrc change: add dependecy to lang/tcl-expect. RELEASE 1.4.3 ------------- - Password: Make chpass-wrapper.py Python 3 compatible (#7135)
mail/roundcube-plugin-password: fix runtime problem Fix roundcube-plugin-password. * Patch for roundcube-plugin-password had not been applied accidently. * More changes were required to make it work on *BSD system. Bump PKGREVISION.
mail/roundcube-plugin-password: update to 1.4.2 Update roundcube-plugin-password to 1.4.2. pkgsrc change: * Use common patches/distinfo directory with roundcube. RELEASE 1.4.2 ------------- - Password: Fix kpasswd and smb drivers' double-escaping bug (#7092) RELEASE 1.4-rc2 --------------- - Password: Added ldap_exop driver (#4992) - Password: Added support for SSHA512 password algorithm (#6805) RELEASE 1.4-rc1 --------------- - Password: Added 'modoboa' driver (#6361) - Password: Fix bug where password_dovecotpw_with_method setting could be ignored (#6436) - Password: Fix bug where new users could skip forced password change (#6434) - Password: Allow drivers to override default password comparisons (eg new is not same as current) (#6473) - Password: Allow drivers to override default strength checks (eg allow for 'not the same as last x passwords') (#246) - Passowrd: Allow drivers to define password strength rules displayed to the user - Password: Allow separate password saving and strength drivers for use of strength checking services (#5040) - Password: Add zxcvbn driver for checking password strength (#6479) - Password: Disallow control characters in passwords - Password: Add support for Plesk >= 17.8 (#6526) RELEASE 1.4-beta ---------------- - Password: Support host variables in password_db_dsn option (#5955) - Password: Automatic virtualmin domain setting, removed password_virtualmin_format option (#5759) - Password: Added password_username_format option (#5766)
Pullup ticket #6046 - requested by taca mail/roundcube, mail/roundcube-plugin-*: security fix Revisions pulled up: - mail/roundcube-plugin-enigma/Makefile 1.6 - mail/roundcube-plugin-enigma/distinfo 1.14 - mail/roundcube-plugin-password/Makefile 1.6 - mail/roundcube-plugin-password/distinfo 1.14 - mail/roundcube-plugin-zipdownload/Makefile 1.4 - mail/roundcube-plugin-zipdownload/distinfo 1.14 - mail/roundcube/Makefile.common 1.14 - mail/roundcube/distinfo 1.65 --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 1 13:08:09 UTC 2019 Modified Files: pkgsrc/mail/roundcube: Makefile.common distinfo Log Message: mail/roundcube: update to 1.3.10 RELEASE 1.3.10 -------------- - Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723) - Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785) - Fix bug where bmp images couldn't be displayed on some systems (#6728) - Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744) - Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758) - Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746) - Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793) - Fix bug where selection of columns on messages list wasn't working - Fix bug in converting multi-page Tiff images to Jpeg (#6824) - Fix wrong messages order after returning to a multi-folder search result (#6836) - Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866) - Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898) - Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899) - Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897) - Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 1 13:08:56 UTC 2019 Modified Files: pkgsrc/mail/roundcube-plugin-enigma: Makefile distinfo Log Message: mail/roundcube-plugin-enigma: update to 1.3.10 RELEASE 1.3.10 -------------- - Enigma: Fix bug where revoked users/keys were not greyed out in key info - Enigma: Fix error message when trying to encrypt with a revoked key (#6607) - Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638) --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 1 13:10:39 UTC 2019 Modified Files: pkgsrc/mail/roundcube-plugin-password: Makefile distinfo Log Message: mail/roundcube-plugin-password: update to 1.3.10 Update roundcube-plugin-password to 1.3.10. No changes except version. pkgsrc change: remove duplicated setting PLUGIN. --- Module Name: pkgsrc Committed By: taca Date: Sun Sep 1 13:11:47 UTC 2019 Modified Files: pkgsrc/mail/roundcube-plugin-zipdownload: Makefile distinfo Log Message: mail/roundcube-plugin-zipdownload: update to 1.3.10 Update roundcube-plugin-password to 1.3.10. No changes except version. pkgsrc change: remove duplicated setting PLUGIN.
mail/roundcube-plugin-password: update to 1.3.10 Update roundcube-plugin-password to 1.3.10. No changes except version. pkgsrc change: remove duplicated setting PLUGIN.
mail/roundcube: update to 1.3.9 Update roundcube and related pacakges to 1.3.9. RELEASE 1.3.9 ------------- - Fix TinyMCE download location (#6694) - Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494) - Fix handling of empty entries in vCard import (#6564) - Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577) - Fix PHP 7.2 compatibility in debug_logger plugin (#6586) - Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) - Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599) - Fix missing CSRF token on a link to download too-big message part (#6621) - Fix bug when aborting dragging with ESC key didn't stop the move action (#6623) - Fix bug where next row wasn't selected after deleting a collapsed thread (#6655)
PKGREVISION bump for anything using python without a PYPKGPREFIX. This is a semi-manual PKGREVISION bump.
Pullup ticket #5816 - requested by taca mail/roundcube: security fix, build fix Revisions pulled up: - mail/roundcube-plugin-enigma/distinfo 1.11 - mail/roundcube-plugin-password/Makefile 1.3 - mail/roundcube-plugin-password/distinfo 1.11 - mail/roundcube-plugin-zipdownload/distinfo 1.11 - mail/roundcube/Makefile.common 1.11 - mail/roundcube/distinfo 1.62 --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:03:57 UTC 2018 Modified Files: pkgsrc/mail/roundcube: Makefile.common distinfo Log Message: mail/roundcube: update to 1.3.7 RELEASE 1.3.7 ------------- - Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) - Fix bug where some parts of quota information could have been ignored (#6280) - Fix bug where some escape sequences in html styles could bypass security checks - Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names - Fix bug where only attachments with the same name would be ignored on zip download (#6301) - Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) - Fix bug where after "mark all folders as read" action message counters were not reset (#6307) - Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) - Fix bug where some HTML comments could have been malformed by HTML parser (#6333) --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:07:01 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-enigma: distinfo Log Message: mail/roundcube-plugin-enigma: update to 1.3.7 - Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:08:15 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-password: Makefile distinfo Log Message: mail/roundcube-plugin-password: update to 1.3.7 * No change except version. Reset PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Thu Aug 9 15:09:31 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-zipdownload: distinfo Log Message: mail/roundcube-plugin-zipdownload: update to 1.3.7 A small PHP poratbility fix.
mail/roundcube-plugin-password: update to 1.3.7 * No change except version. Reset PKGREVISION.
Pullup ticket #5761 - requested by taca mail/roundcube-plugin-password: build fix Revisions pulled up: - mail/roundcube-plugin-password/Makefile 1.2 - mail/roundcube-plugin-password/PLIST 1.3 - mail/roundcube-plugin-password/distinfo 1.10 --- Module Name: pkgsrc Committed By: triaxx Date: Wed May 16 08:17:50 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-password: distinfo Log Message: roundcube-plugin-password: update distinfo for 1.3.6 --- Module Name: pkgsrc Committed By: taca Date: Sun May 20 03:50:53 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-password: PLIST Log Message: mail/roundcube-plugin-password: Fix PLIST Fix PLIST after update to 1.3.6. --- Module Name: pkgsrc Committed By: taca Date: Sun May 20 03:54:54 UTC 2018 Modified Files: pkgsrc/mail/roundcube-plugin-password: Makefile Log Message: mail/roundcube-plugin-password: fix interpreter * Replace interpreter of perl script. * Do not set REPLACE_PYTHON but add to it. Bump PKGREVISION.
mail/roundcube-plugin-password: fix interpreter * Replace interpreter of perl script. * Do not set REPLACE_PYTHON but add to it. Bump PKGREVISION.
Add roundcube-plugin-password package version 1.2.1, it is part of official roundcube. Password Plugin for Roundcube Plugin that adds a possibility to change user password using many methods (drivers) via Settings/Password tab.