Path to this page:
Subject: CVS commit: pkgsrc/mail/roundcube
From: Takahiro Kambe
Date: 2020-06-08 00:07:04
Message id: 20200607220704.B2FEDFB27@cvs.NetBSD.org
Log Message:
mail/roundcube: update to 1.4.5
Update roundcube to 1.4.5, including some security fixes.
pkgsrc change:
* Proper replace PHP interpreter.
* Fix php-sockets option to work.
RELEASE 1.4.5
-------------
- Fix bug in extracting required plugins from composer.json that led to spurious \
error in log (#7364)
- Fix so the database setup description is compatible with MySQL 8 (#7340)
- Markasjunk: Fix regression in jsevent driver (#7361)
- Fix missing flag indication on collapsed thread in Larry and Elastic (#7366)
- Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367)
- Mailvelope: Use sender's address to find pubkeys to check signatures (#7348)
- Mailvelope: Fix Encrypt button hidden in Elastic (#7353)
- Fix PHP warning: count(): Parameter must be an array or an object... in ID \
command handler (#7392)
- Fix error when user-configured skin does not exist anymore (#7271)
- Elastic: Fix aspect ratio of a contact photo in mail preview (#7339)
- Fix bug where PDF attachments marked as inline could have not been attached on \
mail forward (#7382)
- Security: Fix a couple of XSS issues in Installer (#7406)
- Security: Fix XSS issue in template object 'username' (#7406)
- Security: Better fix for CVE-2020-12641
- Security: Fix cross-site scripting (XSS) via malicious XML attachment
Files: