Log message:
mail/roundcube: update to 1.5.3

1.5.3 (2022-06-26)

* Enigma: Fix initial synchronization of private keys
* Enigma: Fix double quoted-printable encoding of pgp-signed messages with
  no attachments (#8413)
* Fix various PHP8 warnings (#8392)
* Fix mail headers injection via the subject field on mail compose (#8404)
* Fix bug where small message/rfc822 parts could not be decoded (#8408)
* Fix setting HTML mode on reply/forward of a signed message (#8405)
* Fix handling of RFC2231-encoded attachment names inside of a
  message/rfc822 part (#8418)
* Fix bug where some mail parts (images) could have not be listed as
  attachments (#8425)
* Fix bug where attachment icons were stuck at the top of the messages list
  in Safari (#8433)
* Fix handling of message/rfc822 parts that are small and are multipart
  structures with a single part (#8458)
* Fix bug where session could time out if DB and PHP timezone were different
  (#8303)
* Fix bug where DSN flag state wasn't stored with a draft (#8371)
* Fix broken encoding of HTML content encapsulated in a RTF attachment
  (#8444)
* Fix problem with aria-hidden=true on toolbar menus in the Elastic
  skin (#8517)
* Fix bug where title tag content was displayed in the body if it contained
  HTML tags (#8540)
* Fix support for DSN specification without host e.g. pgsql:///dbname
  (#8558)

Log message:
mail/roundcube: update to 1.5.2

This update contains security fix.

Roundcube Webmail 1.5.1 (2021-11-28)

This is the first service release to update the new stable version 1.5.  It
provides a bunch of small fixes and improvements after getting your feedback
from the 1.5.0 release.  See the full changelog below.

Important note for MySQL and MariaDB database backends

The change to full UTF-8 support in MySQL/MariaDB didn't work for everybody
migrating an existing DB.  Hence here's an important notice from the
UPGRADING instructions:

If you use MySQL < 5.7.7 or MariaDB < 10.2.2 make sure to configure it with:

	innodb_large_prefix=1
	innodb_file_per_table=1
	innodb_file_format=Barracuda

This version is considered stable and we recommend to update all productive
installations of Roundcube with it.  Please do backup your data before
updating!

CHANGELOG

* Fix importing contacts with no email address (#8227)
* Fix so session's search scope is not used if search is not active (#8199)
* Fix some PHP8 warnings (#8239)
* Fix so dark mode state is retained after closing the browser (#8237)
* Fix bug where new messages were not added to the list on refresh if
  skip_deleted=true (#8234)
* Fix colors on "Show source" page in dark mode (#8246)
* Fix handling of dark_mode_support:false setting in skins meta.json - also
  when devel_mode=false (#8249)
* Fix database initialization if db_prefix is a schema prefix (#8221)
* Fix undefined constant error in Installer on Windows (#8258)
* Fix installation/upgrade on MySQL 5.5 - Index column size too large (#8231)
* Fix regression in setting of contact listing name (#8260)
* Fix bug in Larry skin where headers toggle state was reset on full page
  preview (#8203)
* Fix bug where \u200b characters were added into the recipient input
  preventing mail delivery (#8269)
* Fix charset conversion errors on PHP < 8 for charsets not supported by
  mbstring (#8252)
* Fix bug where adding a contact to trusted senders via "Always allow
  from..." button didn't work (#8264, #8268)
* Fix bug with show_images setting where option 1 and 3 were swapped (#8268)
* Fix PHP fatal error on an undefined constant in contacts import action
  (#8277)
* Fix fetching headers of multiple message parts at once in
  rcube_imap_generic::fetchMIMEHeaders() (#8282)
* Fix bug where attachment download could sometimes fail with a CSRF check
  error (#8283)
* Fix an infinite loop when parsing environment variables with float/integer
  values (#8293)
* Fix so 'small-dark' logo has more priority than the 'small' logo (#8298)

Roundcube Webmail 1.5.2 (2021-12-30)

This is the second service release to update the new stable version 1.5.  It
provides a bunch of small fixes and improvements to the OAuth feature as
well as a security fix to a recently reported XSS vulnerability.  See the
full changelog below.

Security fix

* Cross-site scripting (XSS) via HTML messages with malicious CSS content

This version is considered stable and we recommend to update all productive
installations of Roundcube with it.  Please do backup your data before
updating!

CHANGELOG

* OAuth: pass 'id_token' to 'oauth_login' plugin hook (#8214)
* OAuth: fix expiration of short-lived oauth tokens (#8147)
* OAuth: fix relative path to assets if /index.php/foo/bar url is used
  (#8144)
* OAuth: no auto-redirect on imap login failures (#8370)
* OAuth: refresh access token in 'refresh' plugin hook (#8224)
* Fix so folder search parameters are honored by subscriptions_option plugin
  (#8312)
* Fix password change with Directadmin driver (#8322, #8329)
* Fix so css files in plugins/jqueryui/themes will be minified too (#8337)
* Fix handling of unicode/special characters in custom From input (#8357)
* Fix some PHP8 compatibility issues (#8363)
* Fix chpass-wrapper.py helper compatibility with Python 3 (#8324)
* Fix scrolling and missing Close button in the Select image dialog in
  Elastic/mobile (#8367)
* Security: fix cross-site scripting (XSS) via HTML messages with malicious
  CSS content

Log message:
mail/roundcube: update to 1.5.0

1.5.0 (2021-10-17)

Quote from release announce:

We proudly announce the final release of the next major version 1.5 of
Roundcube webmail. With this milestone we introduce new features and full
PHP 8.0 support. The most noteworthy additions are:

   - Dark mode for Elastic skin
   - OAuth2/XOauth support (with plugin hooks)
   - Collected recipients and trusted senders
   - Moving recipients between inputs with drag & drop
   - Full unicode support with MySQL database
   - Support of IMAP LITERAL- extension RFC 7888
     <https://datatracker.ietf.org/doc/html/rfc7888>
   - Support of RFC 2231 <https://datatracker.ietf.org/doc/html/rfc2231>
     encoded names
   - Cache refactoring

Log message:
mail: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles were unfetchable (possibly fetched
conditionally?):

./mail/qmail/distinfo netqmail-1.05-TAI-leapsecs.patch

Log message:
mail: Remove SHA1 hashes for distfiles

Log message:
roundcube: use PKG_SYSCONFDIR for plug-in configuration files

This moves the configuration files for Roundcube plug-ins to $PKG_SYSCONFDIR,
where they should belong instead of $RC_DIR/$PLUGIN_DIR.

This works without any further patches, because Roundcube falls back to
RCUBE_CONFIG_DIR.'/'.$this->ID . '.inc.php' for plug-ins basically.

Bumps PKGREVISION for the plug-ins using ../../mail/roundcube/plugins.mk
(enigma, password, and zipdownload).

Tested on NetBSD/amd64.

OK taca@

Log message:
Switch to use lang/php/json.mk.

Log message:
mail/roundcube: update to 1.4.11

RELEASE 1.4.11
--------------
- Display a nice error informing about no PHP8 support
- Elastic: Fix compatibility with Less v3 and v4 (#7813)
- Fix bug with managesieve_domains in Settings > Forwarding form (#7849)
- Fix errors in MSSQL database update scripts (#7853)
- Security: Fix cross-site scripting (XSS) via HTML messages with
  malicious CSS content

Log message:
mail/roundcube: update to 1.4.10

Update roundcube to 1.4.10, including security fix.

RELEASE 1.4.10
--------------
- Fix extra angle brackets in In-Reply-To header derived from mailto: params (#7655)
- Fix folder list issue whan special folder is a subfolder (#7647)
- Fix Elastic's folder subscription toggle in search result (#7653)
- Fix state of subscription toggle on folders list after changing folder state \ 
from the search result (#7653)
- Security: Fix cross-site scripting (XSS) via HTML or Plain text messages with \ 
malicious content [CVE-2020-35730]

Log message:
mail/roundcube: update to 1.4.9

Update roundcube package to 1.4.9.

Roundcube Webmail 1.4.9 (2020-09-27)

This is a service update to the stable version 1.4 of Roundcube Webmail.

It contains fixes and general improvements from our issue tracker, mainly
related to email composition and UI oddities in Elastic skin and with the
TinyMCE richtext editor.  See the full changelog below.

This version is considered stable and we recommend to update all productive
installations of Roundcube with it.

Please do backup your data before updating!

CHANGELOG

* Fix HTML editor in latest Chrome 85.0.4183.102, update to TinyMCE 4.9.11
  (#7615)
* Add missing localization for some label/legend elements in userinfo plugin
  (#7478)
* Fix importing birthday dates from Gmail vCards (BDAY:YYYYMMDD)
* Fix restoring Cc/Bcc fields from local storage (#7554)
* Fix jstz.min.js installation, bump version to 1.0.7
* Fix incorrect PDO::lastInsertId() use in sqlsrv driver (#7564)
* Fix link to closure compiler in bin/jsshrink.sh script (#7567)
* Fix bug where some parts of a message could have been missing in a
  reply/forward body (#7568)
* Fix empty space on mail printouts in Chrome (#7604)
* Fix empty output from HTML5 parser when content contains XML tag (#7624)
* Fix scroll jump on key press in plain text mode of the HTML editor (#7622)
* Fix so autocompletion list does not hide on scroll inside it (#7592)