mail/roundcube: update to 1.6.3

From release announce: We just published a security update to the version 1.6 of Roundcube Webmail. It provides a fix to a recently reported XSS vulnerability: Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages, reported by Niraj Shivtarkar. See the full changelog in the release notes in the release notes on the Github download page. We strongly recommend to update all productive installations of Roundcube 1.6.x with this new version. 1.6.3 (2023-09-15) * Fix bug where installto.sh/update.sh scripts were removing some essential options from the config file (#9051) * Update jQuery-UI to version 1.13.2 (#9041) * Fix regression that broke use_secure_urls feature (#9052) * Fix potential PHP fatal error when opening a message with message/rfc822 part (#8953) * Fix bug where a duplicate `<title>` tag in HTML email could cause some parts being cut off (#9029) * Fix bug where a list of folders could have been sorted incorrectly (#9057) * Fix regression where LDAP addressbook 'filter' option was ignored (#9061) * Fix wrong order of a multi-folder search result when sorting by size (#9065) * Fix so install/update scripts do not require PEAR (#9037) * Fix regression where some mail parts could have been decoded incorrectly, or not at all (#9096) * Fix handling of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097) * Fix PHP8 deprecation warning in the reconnect plugin (#9083) * Fix "Show source" on mobile with x_frame_options = deny (#9084) * Fix various PHP warnings (#9098) * Fix deprecated use of ldap_connect() in password's ldap_simple driver (#9060) * Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in plain text messages
2023-09-18 03:39:02 +00:00 · 2023-09-18 03:39:02 +00:00 · 21945b9faa
parent dd5330e660
commit 21945b9faa
8 changed files with 18 additions and 22 deletions
--- a/mail/roundcube-plugin-enigma/Makefile
+++ b/mail/roundcube-plugin-enigma/Makefile
@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.15 2023/08/14 05:24:48 wiz Exp $
+# $NetBSD: Makefile,v 1.16 2023/09/18 03:39:02 taca Exp $

 PLUGIN=		enigma

 MAINTAINER=	taca@NetBSD.org
 COMMENT=	Enigma Plugin for Roundcube
-PKGREVISION=	1
 LICENSE=	gnu-gpl-v3

 DEPENDS+=	${PHP_PKG_PREFIX}-pear-Crypt_GPG>=1.4.3:../../security/pear-Crypt_GPG
--- a/mail/roundcube-plugin-password/Makefile
+++ b/mail/roundcube-plugin-password/Makefile
@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.21 2023/08/14 05:24:48 wiz Exp $
+# $NetBSD: Makefile,v 1.22 2023/09/18 03:39:03 taca Exp $

 PLUGIN=		password

 MAINTAINER=	taca@NetBSD.org
 COMMENT=	Password change plugin for roundcube
-PKGREVISION=	2
 LICENSE=	gnu-gpl-v3

 DEPENDS+=	tcl-expect>=5.32.1:../../lang/tcl-expect
--- a/mail/roundcube-plugin-password/distinfo
+++ b/mail/roundcube-plugin-password/distinfo
@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.32 2023/07/07 12:57:21 taca Exp $
+$NetBSD: distinfo,v 1.33 2023/09/18 03:39:03 taca Exp $

-BLAKE2s (roundcubemail-1.6.2-complete.tar.gz) = 91400b528de68ebca896960e72280c9bcc19dac8578602e288c0d703dba26c42
-SHA512 (roundcubemail-1.6.2-complete.tar.gz) = 1889548dbe9913555cec4115137157de9daf5e2cca9e4004fb19c8ddebd3081cce32b6d8634891341c890379c4f9e35a5c705739f24b0b3b93fc31449f090297
-Size (roundcubemail-1.6.2-complete.tar.gz) = 6004046 bytes
+BLAKE2s (roundcubemail-1.6.3-complete.tar.gz) = 6874a24ed9ad198c2bd50e5de93ec782adad8a388d441a2348bee1f1529acae6
+SHA512 (roundcubemail-1.6.3-complete.tar.gz) = 9a44a898f8ed9a338f126af19b572b61a7b108412be5f0c445f6ff3d84636a1487cc594347629a757e2fa18fdfa2881c3dd373e2431132a906799992c935b548
+Size (roundcubemail-1.6.3-complete.tar.gz) = 6026670 bytes
 SHA1 (patch-plugins_password_helpers_passwd-expect) = 15e427a3c90bf7c0437a023b3f099abb5a139165
--- a/mail/roundcube-plugin-zipdownload/Makefile
+++ b/mail/roundcube-plugin-zipdownload/Makefile
@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.12 2023/08/14 05:24:48 wiz Exp $
+# $NetBSD: Makefile,v 1.13 2023/09/18 03:39:03 taca Exp $

 PLUGIN=		zipdownload

 MAINTAINER=	taca@NetBSD.org
 COMMENT=	Roundcube Webmail ZipDownload plugin
-PKGREVISION=	1
 LICENSE=	gnu-gpl-v3

 DEPENDS+=	${PHP_PKG_PREFIX}-zip>=5.4.0:../../archivers/php-zip
--- a/mail/roundcube/Makefile
+++ b/mail/roundcube/Makefile
@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.98 2023/07/27 08:18:00 abs Exp $
+# $NetBSD: Makefile,v 1.99 2023/09/18 03:39:02 taca Exp $

 DISTNAME=	roundcubemail-${RC_VERS}
 PKGNAME=	${PHP_PKG_PREFIX}-${DISTNAME:S/mail-/-/:S/-complete//}
-PKGREVISION=	1

 MAINTAINER=	taca@NetBSD.org
 COMMENT=	Browser-based multilingual IMAP client
--- a/mail/roundcube/Makefile.common
+++ b/mail/roundcube/Makefile.common
@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.30 2023/07/07 12:57:21 taca Exp $
+# $NetBSD: Makefile.common,v 1.31 2023/09/18 03:39:02 taca Exp $
 #
 # used by mail/roundcube/Makefile
 # used by mail/roundcube/plugins.mk
@ -10,7 +10,7 @@ GITHUB_PROJECT=	roundcubemail
 GITHUB_RELEASE=	${RC_VERS}
 HOMEPAGE=	https://roundcube.net/

-RC_VERS=	1.6.2
+RC_VERS=	1.6.3

 USE_LANGUAGES=		# none
 USE_TOOLS+=		pax
--- a/mail/roundcube/PLIST
+++ b/mail/roundcube/PLIST
@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.54 2023/07/27 08:18:00 abs Exp $
+@comment $NetBSD: PLIST,v 1.55 2023/09/18 03:39:02 taca Exp $
 share/doc/roundcube/CHANGELOG.md
 share/doc/roundcube/INSTALL
 share/doc/roundcube/LICENSE
@ -1921,6 +1921,9 @@ share/roundcube/program/localization/tr_TR/messages.inc
 share/roundcube/program/localization/tr_TR/timezones.inc
 share/roundcube/program/localization/tzl/labels.inc
 share/roundcube/program/localization/tzl/messages.inc
+share/roundcube/program/localization/ug/labels.inc
+share/roundcube/program/localization/ug/messages.inc
+share/roundcube/program/localization/ug/timezones.inc
 share/roundcube/program/localization/uk_UA/labels.inc
 share/roundcube/program/localization/uk_UA/messages.inc
 share/roundcube/program/localization/ur_PK/labels.inc
@ -2183,9 +2186,6 @@ share/roundcube/vendor/guzzlehttp/promises/src/RejectionException.php
 share/roundcube/vendor/guzzlehttp/promises/src/TaskQueue.php
 share/roundcube/vendor/guzzlehttp/promises/src/TaskQueueInterface.php
 share/roundcube/vendor/guzzlehttp/promises/src/Utils.php
-share/roundcube/vendor/guzzlehttp/promises/vendor-bin/php-cs-fixer/composer.json
-share/roundcube/vendor/guzzlehttp/promises/vendor-bin/phpstan/composer.json
-share/roundcube/vendor/guzzlehttp/promises/vendor-bin/psalm/composer.json
 share/roundcube/vendor/guzzlehttp/psr7/CHANGELOG.md
 share/roundcube/vendor/guzzlehttp/psr7/LICENSE
 share/roundcube/vendor/guzzlehttp/psr7/README.md
--- a/mail/roundcube/distinfo
+++ b/mail/roundcube/distinfo
@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.84 2023/07/07 12:57:21 taca Exp $
+$NetBSD: distinfo,v 1.85 2023/09/18 03:39:02 taca Exp $

-BLAKE2s (roundcubemail-1.6.2-complete.tar.gz) = 91400b528de68ebca896960e72280c9bcc19dac8578602e288c0d703dba26c42
-SHA512 (roundcubemail-1.6.2-complete.tar.gz) = 1889548dbe9913555cec4115137157de9daf5e2cca9e4004fb19c8ddebd3081cce32b6d8634891341c890379c4f9e35a5c705739f24b0b3b93fc31449f090297
-Size (roundcubemail-1.6.2-complete.tar.gz) = 6004046 bytes
+BLAKE2s (roundcubemail-1.6.3-complete.tar.gz) = 6874a24ed9ad198c2bd50e5de93ec782adad8a388d441a2348bee1f1529acae6
+SHA512 (roundcubemail-1.6.3-complete.tar.gz) = 9a44a898f8ed9a338f126af19b572b61a7b108412be5f0c445f6ff3d84636a1487cc594347629a757e2fa18fdfa2881c3dd373e2431132a906799992c935b548
+Size (roundcubemail-1.6.3-complete.tar.gz) = 6026670 bytes
 SHA1 (patch-config_config.inc.php.sample) = 92a48a97b16fe3f5f4b9441fce762a559d8daca7
 SHA1 (patch-program_include_iniset.php) = 8a6c13c0c87d583ed60e43c01a4173d9d802a6a1
 SHA1 (patch-program_lib_Roundcube_rcube__mime.php) = b1e9479d575b7fd61c413e2b76ee36c06ece7a5c