-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 17 May 2021 21:00:08 +0200 Source: roundcube Architecture: source Version: 1.5~beta+dfsg.1-3 Distribution: experimental Urgency: medium Maintainer: Debian Roundcube Maintainers <pkg-roundcube-maintainers@alioth-lists.debian.net> Changed-By: Guilhem Moulin <guilhem@debian.org> Closes: 988236 988282 Changes: roundcube (1.5~beta+dfsg.1-3) experimental; urgency=medium . * d/*.post*, d/*.config: Improve style consistency. * d/*.post*: pathfind(): Keep IFS null (instead of setting it to the empty string) if it was null before. * d/roundcube-core.postinst: Set ln(1)'s '-T' to flag protect against undesired semantics should the target be an existing directory. * d/roundcube-core.postinst, d/roundcube-core.config: Replace useless calls to sed. * d/*.pre*, d/*.post*, d/*.config: Fix space damage. * d/roundcube-core.postinst: Make configuration sample parsing and reading roundcube/hosts more robust. * d/roundcube-core.postinst: 3DES key generation: Use a random 18-bytes long string base64 encoded (the key needs to be 24 bytes long). * d/roundcube-core.postinst: lighttpd: Prefer the more efficient fastcgi-php-fpm over fastcgi-php on lighttpd 1.4.55-2 and later. * d/copyright: Add self. * DEP-8: Add basic Apache2 and lighttpd tests. * DEP-8: Add configuration file and log/temp directory ownership and mode checks. * DEP-8: Add an hardened deployment, with a dedicated PHP-FPM pool and dedicated user/group (so the HTTPd can't read sensitive roundcube data). * d/roundcube-core.post*: Reload webserver with deb-systemd-invoke(1) when possible. * d/roundcube-core.postinst: Avoid running bin/update.sh with root privileges, depending on /etc/roundcube/config.inc.php's ownership and mode: if the file is word-readable then issue a warning and run as www-data; otherwise, if the file not root-owned then run as its owner; otherwise, if the file is group readable and is not group owned by root, and the group is used as a primary group for a single user, then use that user. Should all that fail root privileges are preserved and a warning is issued. * d/roundcube-core.postinst: Issue a warning if a .dpkg-new leak is dedected. . roundcube (1.4.11+dfsg.1-4) unstable; urgency=medium . * d/roundcube-core.postinst: Remove the roundcube lighttpd module after it has been disabled, not before (closes: #988282). * d/roundcube-core.postinst: lighttpd: Don't enable fastcgi-php if there is already an enabled fastcgi .php handler (closes: #988236). * d/uupdate: Fix comment. Checksums-Sha1: fe2e8852be89b296201514120d6ef36e49684d39 3601 roundcube_1.5~beta+dfsg.1-3.dsc 1c038c7acc91854affcd9b378fdb85f68fd1deb1 200840 roundcube_1.5~beta+dfsg.1.orig-tinymce-langs.tar.xz 165d600e77badb42d0d35cad72061912a8020eef 1703916 roundcube_1.5~beta+dfsg.1.orig-tinymce.tar.xz 3b593786b1255dae05420413b1a5e33e5b69573d 3066532 roundcube_1.5~beta+dfsg.1.orig.tar.xz 300dac3ff93f911626b88438918eb1117015c0fb 98996 roundcube_1.5~beta+dfsg.1-3.debian.tar.xz dc678d55606727b23ba0724ca57d33ce149098f4 11701 roundcube_1.5~beta+dfsg.1-3_amd64.buildinfo Checksums-Sha256: 55e9b3bf9034f26b37f63304fbafe214e7b3d951d9f7a7b5458c7260ba9ec42c 3601 roundcube_1.5~beta+dfsg.1-3.dsc 4800638d81e470328d501217b8a6b7d2419f441050d55213be0364d16e0cd61d 200840 roundcube_1.5~beta+dfsg.1.orig-tinymce-langs.tar.xz 93cd95afcd071308d2da8273ec9b80533b0fbeab53a451897a20140ac45e52c9 1703916 roundcube_1.5~beta+dfsg.1.orig-tinymce.tar.xz 875b6d771cfb7b5c3364bd9b51dd4858981b22428ce67a8aa033cba3fd356615 3066532 roundcube_1.5~beta+dfsg.1.orig.tar.xz b2c3aef9a5083b387d3d4733386623ebd40e62e6c65084ad5768911aecce5f02 98996 roundcube_1.5~beta+dfsg.1-3.debian.tar.xz 6b8ac2ff9e80faac50db4b992f28d35295f5b3470b65a3bb604f75359f580e54 11701 roundcube_1.5~beta+dfsg.1-3_amd64.buildinfo Files: 3d3bbfcd0f44a5c10b4363d58dea59c3 3601 web optional roundcube_1.5~beta+dfsg.1-3.dsc e31ba981593436a0c3ede8c63d6d03ec 200840 web optional roundcube_1.5~beta+dfsg.1.orig-tinymce-langs.tar.xz 8595f6b9a694b3aea786b48c309332e5 1703916 web optional roundcube_1.5~beta+dfsg.1.orig-tinymce.tar.xz 00960999e9e87ac852c0976ecd5a3920 3066532 web optional roundcube_1.5~beta+dfsg.1.orig.tar.xz b048ab6db6c81eb9a3a7fa8e7b78ffd9 98996 web optional roundcube_1.5~beta+dfsg.1-3.debian.tar.xz e8bbb56821fc87af9476f68dd4d76487 11701 web optional roundcube_1.5~beta+dfsg.1-3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmCivh0ACgkQ05pJnDwh pVL0HRAArSSCg6mgEl/R8ExbaoXEaEBBokP9KzZt4Uc7Dk8c7PEcfo6DLmFJCTaD x9SOkiVJAMM88Mz8wzvGXo5u4ONw70w3Tr4SK39+p3A10OmA40n1LU1aVwzorc1N 43PSTS70EnsxrVUCcNbAKRZcCbQ7FO4LNIfEtlBnjnpODeZj6IMgiNiKYB4l7L8D OoR0eFRcGlBZOFjI1s/zuuHgWAeBsRHTRjIrf+uqWZcYZ+kJmx7e4PJkIJgP0fMg pEhhrll3wTb5Sa+WmlhN8UR8QYo5zceOPCLstfBiqgl7TWnoehYFh0ZaSAZJjqg8 I3khvS/jk2T8Ei/ByvIhFTvWvSYjDhxoMCB5ZuFf9NvSax6D1Qeu6aFYW/wHz9Qe 6Lxu+UA8jJ4/kaq95WcnFlmCDtW6juhaUR44/wwqnMpsRpTQ2QmAAsrAzhe4Epws cbzMuAxMODOBC/1QfiNZuAlmHKPpRDukvZh8vsAIDWrJW+6mTyKg6uoUTqPd2Pbh +c7+azfpkEthqZPItGIpyvYDYKHVxk809T/y2INsXUgKlgQg/X96QCkaxrZDU92+ aO4fvRfqnS688CYNikWXQBm6CHESRCvJj6TDmsZzqD+nDR8T0NOZY2lancKzGN5Z QeV34knepM9gcwjelNNp5FlOzZjZqX3SGorPzQJbSYh948mdTko= =gA2X -----END PGP SIGNATURE-----