./mail/roundcube-plugin-password, Password change plugin for roundcube

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.3.6nb1, Package name: php71-roundcube-plugin-password-1.3.6nb1, Maintainer: taca

Password Plugin for Roundcube

Plugin that adds a possibility to change user password using many
methods (drivers) via Settings/Password tab.


Required to run:
[converters/php-iconv] [graphics/php-gd] [databases/php-pdo_mysql] [mail/roundcube] [lang/python27]

Required to build:
[www/apache24] [pkgtools/cwrappers]

Package options: apache, gd, iconv, mysql, php-sockets

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2018-05-20 05:54:54 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
mail/roundcube-plugin-password: fix interpreter

* Replace interpreter of perl script.
* Do not set REPLACE_PYTHON but add to it.

Bump PKGREVISION.
   2018-05-20 05:50:53 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
mail/roundcube-plugin-password: Fix PLIST

Fix PLIST after update to 1.3.6.
   2018-05-16 10:17:50 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (1) | Package updated
Log message:
roundcube-plugin-password: update distinfo for 1.3.6
   2018-04-30 08:45:04 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
mail/roundcube: update to 1.2.9

RELEASE 1.2.9
-------------
- Fix regression where IMAP commands with '*' uidset argument wasn't working
   2018-04-23 15:55:00 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
mail/roundcube: update to 1.2.8

This is a security update to the stable version 1.2.  It fixes a recently
reported vulnerability allowing IMAP command injection via a GET parameters.
More details about this are published under CVE-2018-9846.

The second fix is about a missed remote content blocking on HTML messages with
specially crafted image and style tags.

We strongly recommend to update all productive installations of Roundcube
1.2.x.  Please do backup your data before updating!

CHANGELOG

* Fix check_request() bypass in places using get_uids() [CVE-2018-9846]
  (#6238)

* Fix possible IMAP command injection vulnerability [CVE-2018-9846] (#6229)

* Fix security issue in remote content blocking on HTML image and style tags
  (#6178)
   2017-11-09 02:13:12 by Takahiro Kambe | Files touched by this commit (5) | Package updated
Log message:
mail/roundcube: update to 1.2.7

Security fix for CVE-2017-16651.

RELEASE 1.2.7
-------------
- Fix rewind(): stream does not support seeking (#5950)
- Fix bug where HTML messages could have been rendered empty on some systems
  (#5957)
- Fix (again) bug where image data URIs in css style were treated as
  evil/remote in mail preview (#5580)
- Managesieve: Fix parsing dot-staffed lines in multiline text (#5838, #5959)
- Fix file disclosure vulnerability caused by insufficient input validation
  [CVE-2017-16651] (#6026)
   2017-09-11 16:00:23 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
Update roundcube-plugin-password to 1.2.6.

No change except version.
   2017-04-28 15:51:07 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
Update roundcube-plugin-password to 1.2.5 fixing security problem.

RELEASE 1.2.5
-------------
- Password: Fix security issue in virtualmin and sasl drivers [CVE-2017-8114]