head 1.33; access; symbols pkgsrc-2023Q4:1.33.0.18 pkgsrc-2023Q4-base:1.33 pkgsrc-2023Q3:1.33.0.16 pkgsrc-2023Q3-base:1.33 pkgsrc-2023Q2:1.33.0.14 pkgsrc-2023Q2-base:1.33 pkgsrc-2023Q1:1.33.0.12 pkgsrc-2023Q1-base:1.33 pkgsrc-2022Q4:1.33.0.10 pkgsrc-2022Q4-base:1.33 pkgsrc-2022Q3:1.33.0.8 pkgsrc-2022Q3-base:1.33 pkgsrc-2022Q2:1.33.0.6 pkgsrc-2022Q2-base:1.33 pkgsrc-2022Q1:1.33.0.4 pkgsrc-2022Q1-base:1.33 pkgsrc-2021Q4:1.33.0.2 pkgsrc-2021Q4-base:1.33 pkgsrc-2021Q3:1.31.0.48 pkgsrc-2021Q3-base:1.31 pkgsrc-2021Q2:1.31.0.46 pkgsrc-2021Q2-base:1.31 pkgsrc-2021Q1:1.31.0.44 pkgsrc-2021Q1-base:1.31 pkgsrc-2020Q4:1.31.0.42 pkgsrc-2020Q4-base:1.31 pkgsrc-2020Q3:1.31.0.40 pkgsrc-2020Q3-base:1.31 pkgsrc-2020Q2:1.31.0.36 pkgsrc-2020Q2-base:1.31 pkgsrc-2020Q1:1.31.0.16 pkgsrc-2020Q1-base:1.31 pkgsrc-2019Q4:1.31.0.38 pkgsrc-2019Q4-base:1.31 pkgsrc-2019Q3:1.31.0.34 pkgsrc-2019Q3-base:1.31 pkgsrc-2019Q2:1.31.0.32 pkgsrc-2019Q2-base:1.31 pkgsrc-2019Q1:1.31.0.30 pkgsrc-2019Q1-base:1.31 pkgsrc-2018Q4:1.31.0.28 pkgsrc-2018Q4-base:1.31 pkgsrc-2018Q3:1.31.0.26 pkgsrc-2018Q3-base:1.31 pkgsrc-2018Q2:1.31.0.24 pkgsrc-2018Q2-base:1.31 pkgsrc-2018Q1:1.31.0.22 pkgsrc-2018Q1-base:1.31 pkgsrc-2017Q4:1.31.0.20 pkgsrc-2017Q4-base:1.31 pkgsrc-2017Q3:1.31.0.18 pkgsrc-2017Q3-base:1.31 pkgsrc-2017Q2:1.31.0.14 pkgsrc-2017Q2-base:1.31 pkgsrc-2017Q1:1.31.0.12 pkgsrc-2017Q1-base:1.31 pkgsrc-2016Q4:1.31.0.10 pkgsrc-2016Q4-base:1.31 pkgsrc-2016Q3:1.31.0.8 pkgsrc-2016Q3-base:1.31 pkgsrc-2016Q2:1.31.0.6 pkgsrc-2016Q2-base:1.31 pkgsrc-2016Q1:1.31.0.4 pkgsrc-2016Q1-base:1.31 pkgsrc-2015Q4:1.31.0.2 pkgsrc-2015Q4-base:1.31 pkgsrc-2015Q3:1.30.0.30 pkgsrc-2015Q3-base:1.30 pkgsrc-2015Q2:1.30.0.28 pkgsrc-2015Q2-base:1.30 pkgsrc-2015Q1:1.30.0.26 pkgsrc-2015Q1-base:1.30 pkgsrc-2014Q4:1.30.0.24 pkgsrc-2014Q4-base:1.30 pkgsrc-2014Q3:1.30.0.22 pkgsrc-2014Q3-base:1.30 pkgsrc-2014Q2:1.30.0.20 pkgsrc-2014Q2-base:1.30 pkgsrc-2014Q1:1.30.0.18 pkgsrc-2014Q1-base:1.30 pkgsrc-2013Q4:1.30.0.16 pkgsrc-2013Q4-base:1.30 pkgsrc-2013Q3:1.30.0.14 pkgsrc-2013Q3-base:1.30 pkgsrc-2013Q2:1.30.0.12 pkgsrc-2013Q2-base:1.30 pkgsrc-2013Q1:1.30.0.10 pkgsrc-2013Q1-base:1.30 pkgsrc-2012Q4:1.30.0.8 pkgsrc-2012Q4-base:1.30 pkgsrc-2012Q3:1.30.0.6 pkgsrc-2012Q3-base:1.30 pkgsrc-2012Q2:1.30.0.4 pkgsrc-2012Q2-base:1.30 pkgsrc-2012Q1:1.30.0.2 pkgsrc-2012Q1-base:1.30 pkgsrc-2011Q4:1.29.0.10 pkgsrc-2011Q4-base:1.29 pkgsrc-2011Q3:1.29.0.8 pkgsrc-2011Q3-base:1.29 pkgsrc-2011Q2:1.29.0.6 pkgsrc-2011Q2-base:1.29 pkgsrc-2011Q1:1.29.0.4 pkgsrc-2011Q1-base:1.29 pkgsrc-2010Q4:1.29.0.2 pkgsrc-2010Q4-base:1.29 pkgsrc-2010Q3:1.27.0.8 pkgsrc-2010Q3-base:1.27 pkgsrc-2010Q2:1.27.0.6 pkgsrc-2010Q2-base:1.27 pkgsrc-2010Q1:1.27.0.4 pkgsrc-2010Q1-base:1.27 pkgsrc-2009Q4:1.27.0.2 pkgsrc-2009Q4-base:1.27 pkgsrc-2009Q3:1.26.0.6 pkgsrc-2009Q3-base:1.26 pkgsrc-2009Q2:1.26.0.4 pkgsrc-2009Q2-base:1.26 pkgsrc-2009Q1:1.26.0.2 pkgsrc-2009Q1-base:1.26 pkgsrc-2008Q4:1.25.0.2 pkgsrc-2008Q4-base:1.25 pkgsrc-2008Q3:1.23.0.4 pkgsrc-2008Q3-base:1.23 cube-native-xorg:1.23.0.2 cube-native-xorg-base:1.23 pkgsrc-2008Q2:1.22.0.4 pkgsrc-2008Q2-base:1.22 cwrapper:1.22.0.2 pkgsrc-2008Q1:1.20.0.2 pkgsrc-2008Q1-base:1.20 pkgsrc-2007Q4:1.18.0.2 pkgsrc-2007Q4-base:1.18 pkgsrc-2007Q3:1.17.0.6 pkgsrc-2007Q3-base:1.17 pkgsrc-2007Q2:1.17.0.4 pkgsrc-2007Q2-base:1.17 pkgsrc-2007Q1:1.17.0.2 pkgsrc-2007Q1-base:1.17 pkgsrc-2006Q4:1.16.0.4 pkgsrc-2006Q4-base:1.16 pkgsrc-2006Q3:1.16.0.2 pkgsrc-2006Q3-base:1.16 pkgsrc-2006Q2:1.14.0.2 pkgsrc-2006Q2-base:1.14 pkgsrc-2006Q1:1.13.0.4 pkgsrc-2006Q1-base:1.13 pkgsrc-2005Q4:1.13.0.2 pkgsrc-2005Q4-base:1.13 pkgsrc-2005Q3:1.12.0.4 pkgsrc-2005Q3-base:1.12 pkgsrc-2005Q2:1.12.0.2 pkgsrc-2005Q2-base:1.12 pkgsrc-2005Q1:1.11.0.2 pkgsrc-2005Q1-base:1.11 pkgsrc-2004Q4:1.10.0.2 pkgsrc-2004Q4-base:1.10 pkgsrc-2004Q3:1.9.0.8 pkgsrc-2004Q3-base:1.9 pkgsrc-2004Q2:1.9.0.6 pkgsrc-2004Q2-base:1.9 pkgsrc-2004Q1:1.9.0.4 pkgsrc-2004Q1-base:1.9 pkgsrc-2003Q4:1.9.0.2 pkgsrc-2003Q4-base:1.9 netbsd-1-6-1:1.6.0.6 netbsd-1-6-1-base:1.6 netbsd-1-6:1.6.0.8 netbsd-1-6-RELEASE-base:1.6 pkgviews:1.6.0.4 pkgviews-base:1.6 buildlink2:1.6.0.2 buildlink2-base:1.6 netbsd-1-5-PATCH003:1.6 netbsd-1-5-PATCH001:1.2; locks; strict; comment @# @; 1.33 date 2021.10.26.11.29.30; author nia; state Exp; branches; next 1.32; commitid Gv0TNLbuylhFsjeD; 1.32 date 2021.10.07.15.07.13; author nia; state Exp; branches; next 1.31; commitid kEwAbZZbki9jhTbD; 1.31 date 2015.11.04.02.46.54; author agc; state Exp; branches; next 1.30; commitid iQwY7gbw5lDHJIHy; 1.30 date 2012.02.23.10.34.08; author obache; state Exp; branches; next 1.29; 1.29 date 2010.12.16.03.38.32; author taca; state Exp; branches 1.29.10.1; next 1.28; 1.28 date 2010.11.10.12.46.53; author adam; state Exp; branches; next 1.27; 1.27 date 2009.12.20.22.15.13; author tonnerre; state Exp; branches 1.27.8.1; next 1.26; 1.26 date 2009.01.30.22.22.26; author adrianp; state Exp; branches; next 1.25; 1.25 date 2008.12.15.23.05.14; author adrianp; state Exp; branches 1.25.2.1; next 1.24; 1.24 date 2008.10.12.12.00.53; author adrianp; state Exp; branches; next 1.23; 1.23 date 2008.09.10.18.47.29; author adrianp; state Exp; branches; next 1.22; 1.22 date 2008.06.17.21.25.38; author adrianp; state Exp; branches; next 1.21; 1.21 date 2008.05.26.12.52.51; author adrianp; state Exp; branches; next 1.20; 1.20 date 2008.03.08.17.36.53; author adrianp; state Exp; branches 1.20.2.1; next 1.19; 1.19 date 2008.01.10.23.08.07; author adrianp; state Exp; branches; next 1.18; 1.18 date 2007.11.15.22.11.36; author adrianp; state Exp; branches 1.18.2.1; next 1.17; 1.17 date 2007.03.18.12.24.14; author adrianp; state Exp; branches; next 1.16; 1.16 date 2006.08.17.20.15.40; author adrianp; state Exp; branches 1.16.4.1; next 1.15; 1.15 date 2006.07.13.20.41.51; author adrianp; state Exp; branches; next 1.14; 1.14 date 2006.06.16.09.23.21; author adrianp; state Exp; branches 1.14.2.1; next 1.13; 1.13 date 2005.11.25.21.21.04; author adrianp; state Exp; branches; next 1.12; 1.12 date 2005.05.14.13.33.15; author adrianp; state Exp; branches 1.12.4.1; next 1.11; 1.11 date 2005.02.24.14.08.31; author wiz; state Exp; branches 1.11.2.1; next 1.10; 1.10 date 2004.11.09.16.23.02; author adam; state Exp; branches; next 1.9; 1.9 date 2003.09.14.21.26.41; author bouyer; state Exp; branches; next 1.8; 1.8 date 2003.08.16.21.08.40; author bouyer; state Exp; branches; next 1.7; 1.7 date 2003.03.17.17.58.13; author bouyer; state Exp; branches; next 1.6; 1.6 date 2002.02.01.22.41.16; author bouyer; state Exp; branches 1.6.6.1; next 1.5; 1.5 date 2001.11.11.19.30.08; author bouyer; state Exp; branches; next 1.4; 1.4 date 2001.07.29.14.24.46; author bouyer; state Exp; branches; next 1.3; 1.3 date 2001.05.22.21.11.57; author jlam; state Exp; branches; next 1.2; 1.2 date 2001.04.20.12.02.36; author skrll; state Exp; branches; next 1.1; 1.1 date 2001.04.17.12.12.44; author agc; state Exp; branches; next ; 1.29.10.1 date 2012.03.06.09.51.46; author tron; state Exp; branches; next ; 1.27.8.1 date 2010.12.23.10.51.51; author sbd; state Exp; branches; next ; 1.25.2.1 date 2009.02.04.21.28.43; author tron; state Exp; branches; next ; 1.20.2.1 date 2008.06.26.19.44.35; author tron; state Exp; branches; next ; 1.18.2.1 date 2008.01.15.08.50.16; author ghen; state Exp; branches; next ; 1.16.4.1 date 2007.03.19.17.10.20; author salo; state Exp; branches; next ; 1.14.2.1 date 2006.07.23.14.46.05; author salo; state Exp; branches; next 1.14.2.2; 1.14.2.2 date 2006.08.20.19.17.35; author ghen; state Exp; branches; next ; 1.12.4.1 date 2005.11.26.15.08.19; author salo; state Exp; branches; next ; 1.11.2.1 date 2005.05.15.21.44.31; author salo; state Exp; branches; next ; 1.6.6.1 date 2003.03.17.17.44.26; author bouyer; state Exp; branches; next 1.6.6.2; 1.6.6.2 date 2003.03.17.17.52.10; author bouyer; state Exp; branches; next 1.6.6.3; 1.6.6.3 date 2003.10.22.22.59.34; author jmc; state Exp; branches; next 1.6.6.4; 1.6.6.4 date 2003.10.23.02.44.56; author jmc; state Exp; branches; next ; desc @@ 1.33 log @www: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts): www/nghttp2/distinfo Unfetchable distfiles (almost certainly fetched conditionally...): ./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx-devel/distinfo naxsi-1.3.tar.gz ./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx-devel/distinfo njs-0.5.0.tar.gz ./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz ./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx/distinfo naxsi-1.3.tar.gz ./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx/distinfo njs-0.5.0.tar.gz ./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz @ text @$NetBSD: distinfo,v 1.32 2021/10/07 15:07:13 nia Exp $ BLAKE2s (horde-3.3.13.tar.gz) = ad0a5d440b9b7029c7da143d9ef2c499c8892af3052ac4a692a4d86ddf64d4ac SHA512 (horde-3.3.13.tar.gz) = 5b42b778a9de8f57e117cb1b41c17265ecf1e5aa1706f808a95fd756997950c7f915e741aef45b13f67e971834d9b3cb7d576b5c557b5857cdf1c81c730e49ec Size (horde-3.3.13.tar.gz) = 8923715 bytes SHA1 (patch-aa) = 91150235a9739231e5c4da8622f9d48ec26f1115 @ 1.32 log @www: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.31 2015/11/04 02:46:54 agc Exp $ d3 1 a3 1 RMD160 (horde-3.3.13.tar.gz) = b6e14214c5c2151c53798f3ed99e1b94f671ebfb @ 1.31 log @Add SHA512 digests for distfiles for www category Problems found locating distfiles: Package haskell-cgi: missing distfile haskell-cgi-20001206.tar.gz Package nginx: missing distfile array-var-nginx-module-0.04.tar.gz Package nginx: missing distfile encrypted-session-nginx-module-0.04.tar.gz Package nginx: missing distfile headers-more-nginx-module-0.261.tar.gz Package nginx: missing distfile nginx_http_push_module-0.692.tar.gz Package nginx: missing distfile set-misc-nginx-module-0.29.tar.gz Package nginx-devel: missing distfile echo-nginx-module-0.58.tar.gz Package nginx-devel: missing distfile form-input-nginx-module-0.11.tar.gz Package nginx-devel: missing distfile lua-nginx-module-0.9.16.tar.gz Package nginx-devel: missing distfile nginx_http_push_module-0.692.tar.gz Package nginx-devel: missing distfile set-misc-nginx-module-0.29.tar.gz Package php-owncloud: missing distfile owncloud-8.2.0.tar.bz2 Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.30 2012/02/23 10:34:08 obache Exp $ a2 1 SHA1 (horde-3.3.13.tar.gz) = 382d084d7af9a0fa27431aa23881a3c81fb0e9b8 @ 1.30 log @Update horde to 3.3.13. (while here, set LICENSE=gnu-lgpl-v2, move empty directory handling to PLIST) ------- v3.3.13 ------- [mms] SECURITY: Fix XSS vulnerability in email form field validation. [jan] Fix UTF-8 support with Firefox 10 or later. [jan] Add support for resetting passwords to LDAP driver. ------- v3.3.12 ------- [jan] Convert charset of group names in SQL driver (Bug #9611). [jan] Fix deleting of SyncML anchors if PHP short_open_tag is off (Bug #9349). [jan] Add an experimental new Share SQL driver with better performance. [jan] Fix integer overflow in ASN.1 parser for S/MIME messages. [jan] Fix splitread database usage in VFS (Bug #9467). [jan] Fix invalidating permission cache in SQL driver (Bug #9392). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2010/12/16 03:38:32 taca Exp $ d5 1 @ 1.29 log @Update horde pacakge to 3.3.11. Fixing http://secunia.com/advisories/42355/. ------- v3.3.11 ------- [mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357). [jan] Fix exporting recurrence exceptions to vCalendar 1.0. [jan] Skip event status synchronization with Outlook, which is broken. [jan] Don't send SIF data to recent Funambol clients, unless requested. [jan] Log all queries and errors by the history library. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2010/11/10 12:46:53 adam Exp $ d3 3 a5 3 SHA1 (horde-3.3.11.tar.gz) = 66710a5026d78e462422969b187e78ff52b04e34 RMD160 (horde-3.3.11.tar.gz) = e5e80e47a564b69e8e5db8648614a4fc6f6e06fd Size (horde-3.3.11.tar.gz) = 8788320 bytes @ 1.29.10.1 log @Pullup ticket #3695 - requested by obache www/horde: security update Revisions pulled up: - www/horde/Makefile 1.73 - www/horde/PLIST 1.26 - www/horde/distinfo 1.30 --- Module Name: pkgsrc Committed By: obache Date: Thu Feb 23 10:34:08 UTC 2012 Modified Files: pkgsrc/www/horde: Makefile PLIST distinfo Log Message: Update horde to 3.3.13. (while here, set LICENSE=gnu-lgpl-v2, move empty directory handling to PLIST) ------- v3.3.13 ------- [mms] SECURITY: Fix XSS vulnerability in email form field validation. [jan] Fix UTF-8 support with Firefox 10 or later. [jan] Add support for resetting passwords to LDAP driver. ------- v3.3.12 ------- [jan] Convert charset of group names in SQL driver (Bug #9611). [jan] Fix deleting of SyncML anchors if PHP short_open_tag is off (Bug #9349). [jan] Add an experimental new Share SQL driver with better performance. [jan] Fix integer overflow in ASN.1 parser for S/MIME messages. [jan] Fix splitread database usage in VFS (Bug #9467). [jan] Fix invalidating permission cache in SQL driver (Bug #9392). @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (horde-3.3.13.tar.gz) = 382d084d7af9a0fa27431aa23881a3c81fb0e9b8 RMD160 (horde-3.3.13.tar.gz) = b6e14214c5c2151c53798f3ed99e1b94f671ebfb Size (horde-3.3.13.tar.gz) = 8923715 bytes @ 1.28 log @Changes 3.3.10: * Fix searching DataTree elements (groups) if backend charset is different from interface charset * Fix accessing IMAP ACLs that contain non-alphanumeric characters * Avoid fatal errors when using DateTime with not properly configured PHP 5.3+ * Fix importing recurrence exceptions from vCalendar 1.0. * Fix preferences management regression * Fix conversion of all-day events and certain yearly recurring events for Funambol clients. * Fix memcache cache regression. * Fix SyncML page sometimes deleting more anchors than selected. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2009/12/20 22:15:13 tonnerre Exp $ d3 3 a5 3 SHA1 (horde-3.3.10.tar.gz) = d01a2fcc024222ae62311aa2e9a2afb4abdf15af RMD160 (horde-3.3.10.tar.gz) = 05e345a4679f47be1cbc593410cdcf61f221dc5e Size (horde-3.3.10.tar.gz) = 8867114 bytes @ 1.27 log @Update horde to version 3.3.6 in order to fix a cross-site scripting vulnerability. Changes since version 3.3.3 are not found on the web site for some reason (while changes before 3.3.3 are). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2009/01/30 22:22:26 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.3.6.tar.gz) = d23d651ddc95fae2d10b7a3363a4745aded83083 RMD160 (horde-3.3.6.tar.gz) = 098aed42a397577e743ac5372ef22b2cbb31a601 Size (horde-3.3.6.tar.gz) = 8776361 bytes @ 1.27.8.1 log @Pullup ticket #3310 - requested by taca pkgsrc/www/horde security fix Revisions pulled up: - pkgsrc/www/horde/Makefile 1.70, 1.71 - pkgsrc/www/horde/PLIST 1.25 - pkgsrc/www/horde/distinfo 1.28, 1.29 ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: adam Date: Wed Nov 10 12:46:53 UTC 2010 Modified Files: pkgsrc/www/horde: Makefile PLIST distinfo Log Message: Changes 3.3.10: * Fix searching DataTree elements (groups) if backend charset is different from interface charset * Fix accessing IMAP ACLs that contain non-alphanumeric characters * Avoid fatal errors when using DateTime with not properly configured PHP 5.3+ * Fix importing recurrence exceptions from vCalendar 1.0. * Fix preferences management regression * Fix conversion of all-day events and certain yearly recurring events for Funambol clients. * Fix memcache cache regression. * Fix SyncML page sometimes deleting more anchors than selected. ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Dec 16 03:38:32 UTC 2010 Modified Files: pkgsrc/www/horde: Makefile distinfo Log Message: Update horde pacakge to 3.3.11. Fixing http://secunia.com/advisories/42355/. ------- v3.3.11 ------- [mms] SECURITY: Fix XSS when viewing details of a vCard (Bug #9357). [jan] Fix exporting recurrence exceptions to vCalendar 1.0. [jan] Skip event status synchronization with Outlook, which is broken. [jan] Don't send SIF data to recent Funambol clients, unless requested. [jan] Log all queries and errors by the history library. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2010/12/16 03:38:32 taca Exp $ d3 3 a5 3 SHA1 (horde-3.3.11.tar.gz) = 66710a5026d78e462422969b187e78ff52b04e34 RMD160 (horde-3.3.11.tar.gz) = e5e80e47a564b69e8e5db8648614a4fc6f6e06fd Size (horde-3.3.11.tar.gz) = 8788320 bytes @ 1.26 log @The major changes compared to Horde version 3.3.2 are: * SECURITY: Fix unescaped output in the tag cloud block * SECURITY: Fix unvalidated Horde_Image driver name * Restore backwards compatibility with older Kronolith and Whups releases * Fix problems with SQL Shares and PostgreSQL * Support Mozilla Sunbird snooze properties The full list of changes (from version 3.3.2) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.492&r2=1.515.2.503&ty=h @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2008/12/15 23:05:14 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.3.3.tar.gz) = 99bd377bf04a5fd7ed7e8dd9a453ca87c74a5e2c RMD160 (horde-3.3.3.tar.gz) = eb1d88b8583dc993e66eed41a446e55789af6a17 Size (horde-3.3.3.tar.gz) = 8472775 bytes @ 1.25 log @Upgrade to 3.3.2: ------ v3.3.2 ------ [mms] Fix prototypejs regression on IE (Bug #6590). ------ v3.3.1 ------ [cjh] SECURITY: Add another check to the XSS filter. [jan] Add script to import preferences from SquirrelMail database. [cjh] Allow the password file Auth driver to require a specific group. [cjh] Use YYYY-MM-DDTHH:MM:SS for Alarm date queries (Bug #7580). [jan] Add XPath wrapper to Horde_DOM library. [cjh] Don't use executeMultiple in the SQL Share driver when we might reset the connection in between queries (Bug #7542). [jan] Fix database XML schema to create all lock table fields (Bug #7433). [jan] Fix showing two sidebars after saving the display preference group for the first time (Bug #7475). [jan] Fix sharing with LDAP groups (Bug #6883). [jan] Add javascript event handler for access keys. [cjh] Remove UNSIGNED from PostgreSQL scripts. [cjh] Call preference hooks in the scope of the preference (vlukashov (at) parallels (dot) com, Bug #7445). [jan] Fix resuming synchronization session on server farms (adrieder@@sbox.tugraz.at, Bug #7394). [jan] Fix synchronization of tasks with many items (adrieder@@sbox.tugraz.at, Bug #7395). [mms] Upgrade prototype.js to v1.6.0.3. [jwm] Fix regression: SOAP wsdl/disco shouldn't require authorization. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2008/10/12 12:00:53 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.3.2.tar.gz) = fe74b5c0c70f646f56b2f0aa83cead8d792b295b RMD160 (horde-3.3.2.tar.gz) = c90778f7966df203c334f4e80fc12160553965ec Size (horde-3.3.2.tar.gz) = 8462747 bytes @ 1.25.2.1 log @Pullup ticket #2683 - requested by adrianp horde: security update Revisions pulled up: - www/horde/Makefile 1.62 - www/horde/PLIST 1.21 - www/horde/distinfo 1.26 --- Module Name: pkgsrc Committed By: adrianp Date: Fri Jan 30 22:22:26 UTC 2009 Modified Files: pkgsrc/www/horde: Makefile PLIST distinfo Log Message: The major changes compared to Horde version 3.3.2 are: * SECURITY: Fix unescaped output in the tag cloud block * SECURITY: Fix unvalidated Horde_Image driver name * Restore backwards compatibility with older Kronolith and Whups releases * Fix problems with SQL Shares and PostgreSQL * Support Mozilla Sunbird snooze properties The full list of changes (from version 3.3.2) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.492&r2=1.515.2.503&ty=h @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (horde-3.3.3.tar.gz) = 99bd377bf04a5fd7ed7e8dd9a453ca87c74a5e2c RMD160 (horde-3.3.3.tar.gz) = eb1d88b8583dc993e66eed41a446e55789af6a17 Size (horde-3.3.3.tar.gz) = 8472775 bytes @ 1.24 log @Update to 3.3 ---- v3.3 ---- [jan] Fix synchronization issues with Blackberry clients (bug 6949). [mms] Fix setting the horde user when using application authentication with realms (bug 6749). [jan] Fix user name conversion with user hooks in the permissions interfaces (bug 6371). [jan] Provide all settings for the read server in split SQL configuration (Request #7024). [jan] Improve HTML to text filter. [mjr] Hierarchical SQL Share driver now correctly removes all children when removing a share (Bug: 7347). [mjr] Fix an issue with various date/time fields in horde form that was causing erroneous validation errors. [cjh] Sign parameters to go.php with an HMAC based on a new secret key configuration value, to prevent using go.php as an open referrer. [cjh] Make logout tokens only valid for a configurable length of time. -------- v3.3-RC1 -------- [mms] Fix garbage collection handling on SQL session handler backends. [mjr] Change MDB2 sequence names to 'id' in SQL share driver (bug 7240). [cjh] When a URL is supplied for pass-through after logging in, go to that URL in mobile browsers instead of going to the mobile portal (bug 6332). [mms] Memcache session handler no longer writes data with a lifetime. [cjh] Add DIMP to the horde LDAP OIDs and hordePerson objectclass (bug 7243). [mms] Update FCKeditor to v2.6.3. [jan] Use global mailer configuration when sending alarm emails (adrieder@@sbox.tugraz.at, bug 7058). [jan] Reset background colors when resetting the category form (bug 7226). [jan] Improve Funambol contacts support (Requests #7099, #7100). [jan] Correctly parse GEO tags in vCard 2.1 data (bug 6563). [jan] Remove Horde portal link from application menus (bug 7221). [cjh] Create a driver for signups, allowing backends other than DataTree (Duck , Request #7161). [jan] Fix displaying images with the image form field. [mjr] Fix issue with hierarchical SQL share driver that caused permissons to erroneously be denied when the share contained group permissions and was instantiated by a listShares call. [mjr] Fix issue with hierarchical SQL share driver that caused any child shares to be orphaned when the parent share was moved in the hierarchy. [mjr] Fix issue with SQL share drivers that was causing permission checks to fail under certain conditions by no longer explicitly storing owner permissions in the Perms backend. [cjh] Fix overwriting a variable in the tableset_html VarRenderer (Paul Roy , bug 7120). [mms] Fix MIME encoding when using the ISO-2022-JP charset (bug 1621). [jan] Fix SQL Share driver not using the correct database when using different databases in Horde applications (bug 6997). [cjh] Fix SQL portability in Share_sql driver (bug 7084). [jan] Fix synchronizing large amounts of data split across several SyncML messages. [jan] Add Basque translation (Euskal Herriko Unibertsitatea EHU/UPV ). [cjh] Fix Horde_Lock::getLockInfo (duck@@obala.net, Bub #7046). [cjh] Fix SQL portability in Group_sql driver (bug 7075). [jan] Fix PAM authentication driver, but also mark it as deprecated (bug 6982). [mjr] Fix issue with native SQL Share driver that caused filtering shares by attributes to fail. [jan] Fix synchronization of event alarms with Funambol clients (bug 7003). [jan] Correctly detect Funambol clients on Blackberry devices (bug 6995). [mjr] Remove all user application permissions and group memberships from storage when removing the user from the system (Bug: 6999) [cjh] Call the postauthenticate hook in Auth::setAuth(), and allow the postauthenticate hook to cause setAuth() to fail. Allows postauthenticate to fire on any event, including transparent authentication, that could result in a user being successfully logged in. [jan] Improve attribute support and charset conversion in vCard viewer. [jan] Show photos in vCard object if provided with an URL. [mjr] Remove permissions from storage also when removing a share. [jan] Add Horde_Form fields for string arrays and PGP and S/MIME keys. [jan] Only show Add Permission icons in permissions interface where adding them is possible. [mjr] Fix issue in Horde_Image that was causing erratic results when cropping images. [jan] Fix validation of phone fields marked as required (bug 6948). [mms] Fix quoting periods in display part of e-mail address (bug 6899). [mms] Fix error checking when parsing an undisclosed recipients mail header and using an older version of PEAR::Mail (bug 6930). [jan] Return to portal after editing or deleting blocks directly from there. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2008/09/10 18:47:29 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.3.tar.gz) = 6ed165d0488dd5ce0648b3228c41eb83e7d57bcb RMD160 (horde-3.3.tar.gz) = fd3aed1351346b5c9c95bd70abf489d896bc1514 Size (horde-3.3.tar.gz) = 8468714 bytes @ 1.23 log @Update to 3.2.2 [jan] SECURITY: Fix unescaped output in the MIME attachment linking. [jan] SECURITY: Add another check to the XSS filter. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2008/06/17 21:25:38 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.2.2.tar.gz) = 06a501495deeef4e0bea01edd984f4c7fbddf11c RMD160 (horde-3.2.2.tar.gz) = dfa67054d9ed00173f12dfce980726b1ed39e23f Size (horde-3.2.2.tar.gz) = 8230228 bytes @ 1.22 log @The major changes compared to the Horde version H3 (3.2.1) are: * Escape item names in the object browser. * Select db before queries in MySQL SessionHandler. * Format messages sent through MIME_Mail in flowed text format. * Fixes for SQL shares with split read/write databases, and various fixes for hierarchical shares. * Workaround broken IE behavior when downloading files with 8-bit filenames. * Fix storing of unlocked preferences set by hooks. * Allow Horde memcache driver to use UNIX sockets. * Fix parsing of addresses in headers when the RFC 2047-encoded personal part of the address contains address list delimiters. * Fix generation of unique keys in configuration for machines too fast for microtime(). * Added group driver for Kolab. * Added IMAP based preferences driver for Kolab. * Fix missing timestamp variable in Horde SQL cache driver. * Fix over-zealous preference caching when preferences are requested for a different user. * Fix issue in Horde_Image that caused errors when performing certain image operations immediately after an image had been cropped when using the ImageMagick driver. The full list of changes (from version 3.2) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.392&r2=1.515.2.413&ty=h @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2008/05/26 12:52:51 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.2.1.tar.gz) = c95243d4001794a451f4ceb128501d72ea99d2df RMD160 (horde-3.2.1.tar.gz) = fb1ddbc0065e432ddb59c57539cec4001e5e00a0 Size (horde-3.2.1.tar.gz) = 8193531 bytes @ 1.21 log @Horde version 3.2 is a major upgrade in the 3.x release series, including these enhancements: * Stable synchronization support through integrated SyncML server. * A new Alarm system that can send email alarms, generate popup or inline notifications, and play sounds for events in any Horde application. * Support for separate read and write databases, and improved useability when the database is unavailable. * Improved performance, through caching and native SQL drivers for shares, groups, and permissions; faster DataTree queries, and smarter use of session data. * The administrator can disable users' ability to change permissions on their Shares. * Two slick new themes, Tango Blue and Silver Surfer. * WCAG 1.0 Priority 2/Section 508 accessibility guidelines compliance. * Full Kolab webclient support. * Improved JavaScript code including more caching, JSON support, new spell checking and color picking widgets, replacing htmlarea with xinha, and dynamic portal updates. * Help is now searchable and has a tree view for easy organization and exploration of help topics. * Wider memcache support and easier memcache configuration, including connection pooling and multiple memcache servers. * A more complete WebDAV server. * "Drop-in" configuration support for applications through config/registry.d/. * Many additional hooks, for performing actions on preference value changes, and after loading an application. * and much, much more. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2008/03/08 17:36:53 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.2.tar.gz) = d0af9dbb3418139de403f042b2d9b8e0c556d3f9 RMD160 (horde-3.2.tar.gz) = cb55bf41107c0850836a28c64b1d9f40811ca6ea Size (horde-3.2.tar.gz) = 8231595 bytes @ 1.20 log @Bump to 3.1.7 Major changes compared to Horde 3.1.6 are: * Fix arbitrary file inclusion through abuse of the theme preference. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2008/01/10 23:08:07 adrianp Exp $ d3 4 a6 4 SHA1 (horde-3.1.7.tar.gz) = b6666b35330082e0627b82fa30754751a082c115 RMD160 (horde-3.1.7.tar.gz) = b0b8783c6955c59070dbb9db0ec4fe788b0dc220 Size (horde-3.1.7.tar.gz) = 5288106 bytes SHA1 (patch-aa) = 9edb110586805d5efd84541b9d3821889967e785 @ 1.20.2.1 log @Pullup ticket #2435 - requested by adrianp Security patch for horde Manually add backport of the following fix: - http://lists.horde.org/archives/announce/2008/000415.html @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2008/03/08 17:36:53 adrianp Exp $ a6 1 SHA1 (patch-ab) = 38fb9fb6126f546ac9821bda3731866c8daa957c @ 1.19 log @Major changes compared to Horde 3.1.5 are: * Fixed privilege escalation in the Horde API. * Improved XSS filtering. * Fixed locked portal blocks. * Further improved webroot detection. * Updated Japanese translation. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2007/11/15 22:11:36 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.6.tar.gz) = ea68a0ac8f160ec1eeadcc164da64a3b2a38845b RMD160 (horde-3.1.6.tar.gz) = e13db8c5d4c819e6a8f2d5083b1836cbbfeb278c Size (horde-3.1.6.tar.gz) = 5300885 bytes @ 1.18 log @------ v3.1.5 ------ [cjh] Fix identity javascript when some fields are disabled (veikko@@immonen@@otaverkko.fi, Bug 5595). [cjh] Disable the Turkish locale if using PHP 5 (see http://bugs.php.net/bug.php?id=35050). [jan] Improved webroot detection (Request 4126). [jan] Fix selecting the language on the login screen (Bug 5098). [jan] Fix searching for single quotes in email headers (qa@@cpanel.net, Bug 4854). [jan] Fix portal layouts with more than one horizontally expanded block per row. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2007/03/18 12:24:14 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.5.tar.gz) = 8d03da45cc5a086ebeb57c181892b66f72242ef5 RMD160 (horde-3.1.5.tar.gz) = de40cb6e4b1a812ca4bfb2f52d9aecbaffcce4b1 Size (horde-3.1.5.tar.gz) = 5285660 bytes @ 1.18.2.1 log @Pullup ticket 2266 - requested by adrianp security update for horde - pkgsrc/www/horde/Makefile 1.52 - pkgsrc/www/horde/distinfo 1.19 Module Name: pkgsrc Committed By: adrianp Date: Thu Jan 10 23:08:07 UTC 2008 Modified Files: pkgsrc/www/horde: Makefile distinfo Log Message: Major changes compared to Horde 3.1.5 are: * Fixed privilege escalation in the Horde API. * Improved XSS filtering. * Fixed locked portal blocks. * Further improved webroot detection. * Updated Japanese translation. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2007/11/15 22:11:36 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.6.tar.gz) = ea68a0ac8f160ec1eeadcc164da64a3b2a38845b RMD160 (horde-3.1.6.tar.gz) = e13db8c5d4c819e6a8f2d5083b1836cbbfeb278c Size (horde-3.1.6.tar.gz) = 5300885 bytes @ 1.17 log @Update to 3.1.4 ------ v3.1.4 ------ [jan] SECURITY: Correctly quote file names in cleanup script for temporary files. [jan] Fix RPC authentication on CGI SAPIs. [jan] Detect unencrypted PGP messages. ---------- v3.1.4-RC1 ---------- [jan] SECURITY: Fix an XSS vulnerability in the language selection. [jan] Complete Cyrus virtual domain support in cyrsql driver (Vilius Sumskas , Request #4967). [jan] Add option whether to strip domains from usernames in the account block (Request #4955). [jan] Fix email lists not being validated under certain conditions (Bug #4834). [cjh] Add a REST-ful preferences interface. [cjh] Faster DataTree-to-SQL History migration script (josh@@endries.org, Request #4732). [cjh] Improved automatic webroot detection (Ben Klang, Request #4126). [cjh] Rewrite and fix the OCI8 SessionHandler (Bug #3452). [cjh] Allow signup hooks to override the user_name and password fields (thomas@@gelf.net, Request #2904). [cjh] Fix creation of mailbox quotas by the Auth_cyrus driver (pascal@@vmfacility.fr, Bug #4678). [cjh] Add "Save and Finish" to the share edit window (webmgr@@muskingum.edu, Request #4307). [cjh] Let mailto: and anchor (#) links through Horde::externalUrl (Bug #3079). [cjh] Add smbclient version of the SMB Auth class (larry@@wimble.biz, Request #4338). [cjh] Remove problematic "data descriptor" segment from generated ZIP files (reitsma@@denison.edu, Bug #4670). [cjh] Strip accesskeys from menu tooltips when only showing icons (Bug #4667). [jan] Fix saving files in the root directory of an SQL VFS backend (Bug #4652, Ben Klang ). [jan] Fix displaying all maintenance tasks to be confirmed at once (Bug #4377). [cjh] Fix return format of DataTree_null::getByAttributes() (thomas.jarosch@@intra2net.com, Bug #4651). [jan] Support departments in vCard's ORG properties (martin@@matuska.org, Request #4285). [cjh] Rename Auth_sasl backend to Auth_peclsasl to avoid conflicts with PEAR's Auth_SASL (Bug #4547). [cjh] Implement handling of vTimezones in iCalendar data (Carl Thompson , Bug #4399). [cjh] keybindings.js now works with Safari/KHTML. [jan] Avoid recursive folder creation when sharing Kolab folders (michael.sheldon@@credativ.de, Bug #4325). [jan] Add Kolab specific account block driver to support special Kolab users (mzizka@@hotmail.com, Request: #4119). [mms] Only dim below the last signature line of input text in the dimsignature Text_Filter driver. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2006/08/17 20:15:40 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.4.tar.gz) = 3b008b7976b501f86df3d0d556ba831fe222395d RMD160 (horde-3.1.4.tar.gz) = 2b8df7ef0cf9b986b08d4a56414b6ca9219272f0 Size (horde-3.1.4.tar.gz) = 5262198 bytes @ 1.16 log @Update to 3.1.3 Major changes compared to Horde 3.1.2 are: * Security Fixes - Closed an XSS problem in index.php and improved protection against phishing attempts. * Bugfixes and improvements - Added Kolab group ACL support. - Improved import of date and time fields. - Fixed synchronization support. - Updated Catalan, German and Slovenian translations. The full list of changes (from version 3.1.2) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.252&r2=1.515.2.261&ty=h @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2006/07/13 20:41:51 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.3.tar.gz) = f1c9d03b28aa33e265906a1c0d1bfa9ccfcef79c RMD160 (horde-3.1.3.tar.gz) = 047e91d5f822d4b1123840cb11612faa71c9880f Size (horde-3.1.3.tar.gz) = 5232958 bytes @ 1.16.4.1 log @Pullup ticket 2052 - requested by adrianp security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.49 - pkgsrc/www/horde/PLIST 1.15 - pkgsrc/www/horde/distinfo 1.17 Module Name: pkgsrc Committed By: adrianp Date: Sun Mar 18 12:24:14 UTC 2007 Modified Files: pkgsrc/www/horde: Makefile PLIST distinfo Log Message: Update to 3.1.4 ------ v3.1.4 ------ [jan] SECURITY: Correctly quote file names in cleanup script for temporary files. [jan] Fix RPC authentication on CGI SAPIs. [jan] Detect unencrypted PGP messages. ---------- v3.1.4-RC1 ---------- [jan] SECURITY: Fix an XSS vulnerability in the language selection. [jan] Complete Cyrus virtual domain support in cyrsql driver (Vilius Sumskas , Request #4967). [jan] Add option whether to strip domains from usernames in the account block (Request #4955). [jan] Fix email lists not being validated under certain conditions (Bug #4834). [cjh] Add a REST-ful preferences interface. [cjh] Faster DataTree-to-SQL History migration script (josh@@endries.org, Request #4732). [cjh] Improved automatic webroot detection (Ben Klang, Request #4126). [cjh] Rewrite and fix the OCI8 SessionHandler (Bug #3452). [cjh] Allow signup hooks to override the user_name and password fields (thomas@@gelf.net, Request #2904). [cjh] Fix creation of mailbox quotas by the Auth_cyrus driver (pascal@@vmfacility.fr, Bug #4678). [cjh] Add "Save and Finish" to the share edit window (webmgr@@muskingum.edu, Request #4307). [cjh] Let mailto: and anchor (#) links through Horde::externalUrl (Bug #3079). [cjh] Add smbclient version of the SMB Auth class (larry@@wimble.biz, Request #4338). [cjh] Remove problematic "data descriptor" segment from generated ZIP files (reitsma@@denison.edu, Bug #4670). [cjh] Strip accesskeys from menu tooltips when only showing icons (Bug #4667). [jan] Fix saving files in the root directory of an SQL VFS backend (Bug #4652, Ben Klang ). [jan] Fix displaying all maintenance tasks to be confirmed at once (Bug #4377). [cjh] Fix return format of DataTree_null::getByAttributes() (thomas.jarosch@@intra2net.com, Bug #4651). [jan] Support departments in vCard's ORG properties (martin@@matuska.org, Request #4285). [cjh] Rename Auth_sasl backend to Auth_peclsasl to avoid conflicts with PEAR's Auth_SASL (Bug #4547). [cjh] Implement handling of vTimezones in iCalendar data (Carl Thompson , Bug #4399). [cjh] keybindings.js now works with Safari/KHTML. [jan] Avoid recursive folder creation when sharing Kolab folders (michael.sheldon@@credativ.de, Bug #4325). [jan] Add Kolab specific account block driver to support special Kolab users (mzizka@@hotmail.com, Request: #4119). [mms] Only dim below the last signature line of input text in the dimsignature Text_Filter driver. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2007/03/18 12:24:14 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.4.tar.gz) = 3b008b7976b501f86df3d0d556ba831fe222395d RMD160 (horde-3.1.4.tar.gz) = 2b8df7ef0cf9b986b08d4a56414b6ca9219272f0 Size (horde-3.1.4.tar.gz) = 5262198 bytes @ 1.15 log @Update to 3.1.2 Major changes compared to Horde 3.1.1 are: * Security Fixes - Closed XSS problems in dereferrer (IE only), help viewer and problem reporting screen. - Removed unused image proxy code from dereferrer. * Bugfixes and improvements - Added configuration option to disable GET-based sessions. - Added Oracle and generic SQL upgrade scripts. - Improved default charset support. - Improved API and RPC interface. - Fixed the preference cache. The full list of changes (from version 3.1.1) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.231&r2=1.515.2.252&ty=h @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2006/06/16 09:23:21 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.2.tar.gz) = db1ff36d3c1f54f8a1d67059a5cae86c53582cc8 RMD160 (horde-3.1.2.tar.gz) = f37d8d4d21d46c6fc4c7284a60c20c9f10f459aa Size (horde-3.1.2.tar.gz) = 5176353 bytes @ 1.14 log @Bump to 3.1.1nb2 to address recent XSS issue (patches from Horde CVS) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2006/03/28 20:09:48 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.1.tar.gz) = 8735a11bc42f5aae7b70a555763d239614e4aca5 RMD160 (horde-3.1.1.tar.gz) = bb98dbc34caa3410382dcf34afba20e257c62a8d Size (horde-3.1.1.tar.gz) = 5068434 bytes a6 2 SHA1 (patch-ab) = 3d248b02c59abb26e548f93b532fd1657fbb640d SHA1 (patch-ac) = da4ed065b39a30d459dfb9e1f00e38246ff3ab8f @ 1.14.2.1 log @Pullup ticket 1747 - requested by adrianp security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.46 - pkgsrc/www/horde/PLIST 1.12 - pkgsrc/www/horde/distinfo 1.15 - pkgsrc/www/horde/patches/patch-ab removed - pkgsrc/www/horde/patches/patch-ac removed Module Name: pkgsrc Committed By: adrianp Date: Thu Jul 13 20:41:52 UTC 2006 Modified Files: pkgsrc/www/horde: PLIST distinfo Removed Files: pkgsrc/www/horde/patches: patch-ab patch-ac Log Message: Update to 3.1.2 Major changes compared to Horde 3.1.1 are: * Security Fixes - Closed XSS problems in dereferrer (IE only), help viewer and problem reporting screen. - Removed unused image proxy code from dereferrer. * Bugfixes and improvements - Added configuration option to disable GET-based sessions. - Added Oracle and generic SQL upgrade scripts. - Improved default charset support. - Improved API and RPC interface. - Fixed the preference cache. The full list of changes (from version 3.1.1) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.231&r2=1.515.2.252&ty=h --- Module Name: pkgsrc Committed By: adrianp Date: Thu Jul 13 20:42:21 UTC 2006 Modified Files: pkgsrc/www/horde: Makefile Log Message: Update Makefile missed in 3.1.2 update @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2006/07/13 20:41:51 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.2.tar.gz) = db1ff36d3c1f54f8a1d67059a5cae86c53582cc8 RMD160 (horde-3.1.2.tar.gz) = f37d8d4d21d46c6fc4c7284a60c20c9f10f459aa Size (horde-3.1.2.tar.gz) = 5176353 bytes d7 2 @ 1.14.2.2 log @Pullup ticket 1797 - requested by adrianp security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.47-1.48 - pkgsrc/www/horde/PLIST 1.13-1.14 - pkgsrc/www/horde/distinfo 1.16 Module Name: pkgsrc Committed By: adrianp Date: Thu Aug 17 20:15:40 UTC 2006 Modified Files: pkgsrc/www/horde: Makefile PLIST distinfo Log Message: Update to 3.1.3 Major changes compared to Horde 3.1.2 are: * Security Fixes - Closed an XSS problem in index.php and improved protection against phishing attempts. * Bugfixes and improvements - Added Kolab group ACL support. - Improved import of date and time fields. - Fixed synchronization support. - Updated Catalan, German and Slovenian translations. The full list of changes (from version 3.1.2) can be viewed here: http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.252&r2=1.515.2.261&ty=h --- Module Name: pkgsrc Committed By: adrianp Date: Sun Aug 20 10:10:59 UTC 2006 Modified Files: pkgsrc/www/horde: Makefile PLIST Log Message: Fix a PLIST bug pointed out by ghen@@ Bump PKGREVISON @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2006/08/17 20:15:40 adrianp Exp $ d3 3 a5 3 SHA1 (horde-3.1.3.tar.gz) = f1c9d03b28aa33e265906a1c0d1bfa9ccfcef79c RMD160 (horde-3.1.3.tar.gz) = 047e91d5f822d4b1123840cb11612faa71c9880f Size (horde-3.1.3.tar.gz) = 5232958 bytes @ 1.13 log @Update horde to 2.2.9 From the CHANGES: > Changes in this release: > * Fixed a potential XSS vulnerability. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2005/05/14 13:33:15 adrianp Exp $ d3 6 a8 4 SHA1 (horde-2.2.9.tar.gz) = 48aed8aa02432622135e95184def93584301d209 RMD160 (horde-2.2.9.tar.gz) = cfd4acad3afe5fd897d6b53c433bb91782fde1f9 Size (horde-2.2.9.tar.gz) = 683026 bytes SHA1 (patch-aa) = b96dfde62079c89245588f5fe97fa2585210da0f @ 1.12 log @- Update horde to 2.2.8 Changes in this release: * Fixed two XSS vulnerabilities. * Updated German and Traditional Chinese translations. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2005/02/24 14:08:31 wiz Exp $ d3 3 a5 3 SHA1 (horde-2.2.8.tar.gz) = 7798d7cc8499879443e0418696b31797ad876108 RMD160 (horde-2.2.8.tar.gz) = c6eafe81e281ea5200fdd30741a2662cc3795eff Size (horde-2.2.8.tar.gz) = 683005 bytes @ 1.12.4.1 log @Pullup ticket 929 - requested by Adrian Portelli security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.40 - pkgsrc/www/horde/distinfo 1.13 Module Name: pkgsrc Committed By: adrianp Date: Fri Nov 25 21:21:04 UTC 2005 Modified Files: pkgsrc/www/horde: Makefile distinfo Log Message: Update horde to 2.2.9 From the CHANGES: > Changes in this release: > * Fixed a potential XSS vulnerability. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2005/11/25 21:21:04 adrianp Exp $ d3 3 a5 3 SHA1 (horde-2.2.9.tar.gz) = 48aed8aa02432622135e95184def93584301d209 RMD160 (horde-2.2.9.tar.gz) = cfd4acad3afe5fd897d6b53c433bb91782fde1f9 Size (horde-2.2.9.tar.gz) = 683026 bytes @ 1.11 log @Add RMD160 checksums. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2004/11/09 16:23:02 adam Exp $ d3 3 a5 3 SHA1 (horde-2.2.7.tar.gz) = 89762cd6fb078178971f0585973584962f25210f RMD160 (horde-2.2.7.tar.gz) = f5e1296f61f5cb559bfddd1377ef5eaff31ad618 Size (horde-2.2.7.tar.gz) = 680591 bytes @ 1.11.2.1 log @Pullup ticket 503 - requested by Adrian Portelli security update for horde Revisions pulled up: - pkgsrc/www/horde/Makefile 1.34 - pkgsrc/www/horde/distinfo 1.12 Module Name: pkgsrc Committed By: adrianp Date: Sat May 14 13:33:15 UTC 2005 Modified Files: pkgsrc/www/horde: Makefile distinfo Log Message: - Update horde to 2.2.8 Changes in this release: * Fixed two XSS vulnerabilities. * Updated German and Traditional Chinese translations. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2005/05/14 13:33:15 adrianp Exp $ d3 3 a5 3 SHA1 (horde-2.2.8.tar.gz) = 7798d7cc8499879443e0418696b31797ad876108 RMD160 (horde-2.2.8.tar.gz) = c6eafe81e281ea5200fdd30741a2662cc3795eff Size (horde-2.2.8.tar.gz) = 683005 bytes @ 1.10 log @Changes 2.2.7: * Fixed potential XSS vulnerability in the help window * Restored compatibility with PHP 4.1 * Fixed charset of Latvian translation @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2003/09/14 21:26:41 bouyer Exp $ d4 1 @ 1.9 log @Update to 2.2.4, based on patch from Adrian Portelli in pkg/22629. Changes since 2.2.4rc1: [mdj] SECURITY: Add dereferer to strip off session information from links to the outside of the Horde system to protect against session hijacking. [jan] Fix a bug with importing vCard 2.1 data. [jan] Add Arabic (Syria) translation (Platinum Development Team ). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2003/08/16 21:08:40 bouyer Exp $ d3 3 a5 3 SHA1 (horde-2.2.4.tar.gz) = d7b185f0a9e07a9121985d6f6e8aa428d76a83a7 Size (horde-2.2.4.tar.gz) = 630886 bytes SHA1 (patch-aa) = 1fe41104d78cd1224c831b4521700191c08dc453 @ 1.8 log @Update to horde-2.2.4rc1, to fix a security issue. Changes since 2.2.1: [mms] SECURITY: Add code to protect against session fixation issues. [jan] Add Macedonian translation (Stojan Pesov ). [mir] Fix a bug that incorrectly quotes pref values (Bug #1224) [cjh] Fix a bug that prevented logging. [mms] DB session handlers do not use persistent connections by default. [mms] Fix parse error in Horde_Cipher_BlockMode_ofb64::. [mms] Optimization of Secret:: and Horde_Cipher:: drivers. [jan] Add Catalan translation (Angels GuimerĂ  ). [mms] Added a RADIUS Auth:: driver. [mir] Added a Samba Auth:: driver. [cjh] Added the Horde_Image:: class. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2003/03/17 17:58:13 bouyer Exp $ d3 2 a4 2 SHA1 (horde-2.2.4-RC1.tar.gz) = 5732b81671a07830add3bfbe952c5e2b50f5a5e3 Size (horde-2.2.4-RC1.tar.gz) = 605427 bytes @ 1.7 log @Update to 2.2.1. Main changes since 2.0: Add various translations Add a preference to allow maintenance ops with no confirmation screen Allow setting the number of columns in the summary screen as a user preference (Brian Keifer ). Make text, icon, or both menus a user preference Add a Horde preferences screen, and a preference to refresh the summary screen. Add text/enriched MIME_Viewer See share/doc/horde/CHANGES for details. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2002/02/01 22:41:16 bouyer Exp $ d3 3 a5 3 SHA1 (horde-2.2.1.tar.gz) = adcfe2c546898a89f8f44a6e512d7cd58db6a560 Size (horde-2.2.1.tar.gz) = 537836 bytes SHA1 (patch-aa) = d61d8c69c3f1cc2bf596a8609b7e0f034179b85c @ 1.6 log @Update to horde 2.0, as 1.2.7 doesn't work with the new php. "has been released. The 2.0 release is a massive upgrade of the Horde Application Framework. Many components have been added or streamlined. Inter-application support is much more robust, a generic MIME_Viewer framework is included, a new preferences system supports global or application scope for preferences, and more!" @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2001/11/11 19:30:08 bouyer Exp $ d3 3 a5 3 SHA1 (horde-2.0.tar.gz) = 0309739abb7040f8b32121b412a4c1116255124d Size (horde-2.0.tar.gz) = 336638 bytes SHA1 (patch-aa) = a3808c405b7fd2edc12249f929194a0e9c359f84 @ 1.6.6.1 log @Update to 2.2.1. Main changes since 2.0: Add various translations Add a preference to allow maintenance ops with no confirmation screen Allow setting the number of columns in the summary screen as a user preference (Brian Keifer ). Make text, icon, or both menus a user preference Add a Horde preferences screen, and a preference to refresh the summary screen. Add text/enriched MIME_Viewer See share/doc/horde/CHANGES for details. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2002/02/01 22:41:16 bouyer Exp $ d3 3 a5 3 SHA1 (horde-2.2.1.tar.gz) = adcfe2c546898a89f8f44a6e512d7cd58db6a560 Size (horde-2.2.1.tar.gz) = 537836 bytes SHA1 (patch-aa) = d61d8c69c3f1cc2bf596a8609b7e0f034179b85c @ 1.6.6.2 log @Wrong branch, sorry. Back out previous. @ text @d3 3 a5 3 SHA1 (horde-2.0.tar.gz) = 0309739abb7040f8b32121b412a4c1116255124d Size (horde-2.0.tar.gz) = 336638 bytes SHA1 (patch-aa) = a3808c405b7fd2edc12249f929194a0e9c359f84 @ 1.6.6.3 log @Pullup rev 1.8 (via patch) (requested by bouyer in ticket #1419) Update horde to 2.2.4rc1 and imp to 3.2.2rc1, for the "session fixation" security problem. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2003/08/16 21:08:40 bouyer Exp $ d3 3 a5 3 SHA1 (horde-2.2.4-RC1.tar.gz) = 5732b81671a07830add3bfbe952c5e2b50f5a5e3 Size (horde-2.2.4-RC1.tar.gz) = 605427 bytes SHA1 (patch-aa) = 1fe41104d78cd1224c831b4521700191c08dc453 @ 1.6.6.4 log @Pullup rev 1.9 (requested by bouyer in ticket #1467) Update to 2.2.4, based on patch from Adrian Portelli in PR#22629. Changes since 2.2.4rc1: SECURITY: Add dereferer to strip off session information from links to the outside of the Horde system to protect against session hijacking. Fix a bug with importing vCard 2.1 data. Add Arabic (Syria) translation. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6.6.3 2003/10/22 22:59:34 jmc Exp $ d3 2 a4 2 SHA1 (horde-2.2.4.tar.gz) = d7b185f0a9e07a9121985d6f6e8aa428d76a83a7 Size (horde-2.2.4.tar.gz) = 630886 bytes @ 1.5 log @Update horde to 1.2.7. Change: no changes to Horde this release; companion to IMP v2.2.7 only @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2001/07/29 14:24:46 bouyer Exp $ d3 3 a5 7 SHA1 (horde-1.2.7.tar.gz) = dec75eec52c9a07de766bcdde4b2997f81bed6c0 Size (horde-1.2.7.tar.gz) = 143844 bytes SHA1 (patch-aa) = 31c6653a6c0d237684caa441f5d95b69dee16976 SHA1 (patch-ab) = 2beb9e66918e113ed1c3112e74cf42ff06975614 SHA1 (patch-ac) = e8c2702cae1698f2274ecf8ebd676eb25e451c66 SHA1 (patch-ad) = 76cdb0970d66c7b97f83b5dc4033eb44705e251a SHA1 (patch-ae) = c0e0befce11c535d6f655e3c8bc7a6c0487c1d78 @ 1.4 log @Update to 1.2.6. Change since 1.2.5 is security fixes, possibly allowing remote shell. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2001/05/22 21:11:57 jlam Exp $ d3 2 a4 2 SHA1 (horde-1.2.6.tar.gz) = f2e09748271f93c797dbb934de4b65a073aa8463 Size (horde-1.2.6.tar.gz) = 143617 bytes @ 1.3 log @Update horde to 1.2.5. Changes from version 1.2.4: [max] Move all JavaScript URLs to the onclick event handler to prevent breaking IE SSL in certain circumstances. [cjh] Browser detection recognizes ie6. [cjh] Added locale/se (Daniel Andersson ). [bjn] Ignore errors from PHPLIB session.inc posix_getpid (which isn't supported by Windows 95/98/ME). [cjh] Run $language through basename() before returning it in select_lang() to avoid possible exploits, though a seperate bug in php needs to be present to really exploit this. [cjh] Reject From: addresses containing spaces, ';', or '&', and don't put quotes around addresses (since sendmail doesn't strip them). If this is too strict, we'll reconsider later. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2001/04/20 12:02:36 skrll Exp $ d3 2 a4 2 SHA1 (horde-1.2.5.tar.gz) = add94c3e1bb975526198e4932509ccb701b79108 Size (horde-1.2.5.tar.gz) = 141108 bytes @ 1.2 log @Move to sha1 digests, and add distfile sizes. @ text @d1 1 a1 1 $NetBSD$ d3 2 a4 2 SHA1 (horde-1.2.4.tar.gz) = 0193dfa7df6a02c189322a8be70cac752d71c18d Size (horde-1.2.4.tar.gz) = 135727 bytes @ 1.1 log @+ move the distfile digest/checksum value from files/md5 to distinfo + move the patch digest/checksum values from files/patch-sum to distinfo @ text @d1 1 a1 1 $NetBSD: md5,v 1.1.1.1 2001/02/12 15:26:04 jlam Exp $ d3 2 a4 1 MD5 (horde-1.2.4.tar.gz) = 34c4dad1b7d4f7043e5cd8fc0e1b8eba @