head 1.6; access; symbols pkgsrc-2026Q1:1.6.0.20 pkgsrc-2026Q1-base:1.6 pkgsrc-2025Q4:1.6.0.18 pkgsrc-2025Q4-base:1.6 pkgsrc-2025Q3:1.6.0.16 pkgsrc-2025Q3-base:1.6 pkgsrc-2025Q2:1.6.0.14 pkgsrc-2025Q2-base:1.6 pkgsrc-2025Q1:1.6.0.12 pkgsrc-2025Q1-base:1.6 pkgsrc-2024Q4:1.6.0.10 pkgsrc-2024Q4-base:1.6 pkgsrc-2024Q3:1.6.0.8 pkgsrc-2024Q3-base:1.6 pkgsrc-2024Q2:1.6.0.6 pkgsrc-2024Q2-base:1.6 pkgsrc-2024Q1:1.6.0.4 pkgsrc-2024Q1-base:1.6 pkgsrc-2023Q4:1.6.0.2 pkgsrc-2023Q4-base:1.6 pkgsrc-2023Q3:1.5.0.10 pkgsrc-2023Q3-base:1.5 pkgsrc-2023Q2:1.5.0.8 pkgsrc-2023Q2-base:1.5 pkgsrc-2023Q1:1.5.0.6 pkgsrc-2023Q1-base:1.5 pkgsrc-2022Q4:1.5.0.4 pkgsrc-2022Q4-base:1.5 pkgsrc-2022Q3:1.5.0.2 pkgsrc-2022Q3-base:1.5 pkgsrc-2022Q2:1.3.0.20 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.3.0.18 pkgsrc-2022Q1-base:1.3 pkgsrc-2021Q4:1.3.0.16 pkgsrc-2021Q4-base:1.3 pkgsrc-2021Q3:1.3.0.14 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.12 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.10 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.8 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.6 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.3.0.4 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.3.0.2 pkgsrc-2013Q2:1.2.0.2 pkgsrc-2013Q2-base:1.2; locks; strict; comment @# @; 1.6 date 2023.10.17.15.47.09; author taca; state Exp; branches; next 1.5; commitid OJdxPTw8eXkWHZIE; 1.5 date 2022.08.19.13.09.38; author taca; state Exp; branches; next 1.4; commitid 2IuNjWnri4SltuQD; 1.4 date 2022.08.18.07.00.31; author wiz; state dead; branches; next 1.3; commitid Z4HriNryv36HskQD; 1.3 date 2020.06.07.22.07.04; author taca; state Exp; branches 1.3.2.1; next 1.2; commitid 9wml6PbftDPYflbC; 1.2 date 2013.06.16.22.04.07; author taca; state dead; branches; next 1.1; commitid KB5USoBwVpaQ8TTw; 1.1 date 2013.06.15.16.08.09; author taca; state Exp; branches; next ; commitid Qx8UmbkQjRHFcJTw; 1.3.2.1 date 2020.06.07.22.07.04; author bsiegert; state dead; branches; next 1.3.2.2; commitid 7EwKoXVGjrRZMxbC; 1.3.2.2 date 2020.06.09.11.51.50; author bsiegert; state Exp; branches; next ; commitid 7EwKoXVGjrRZMxbC; desc @@ 1.6 log @mail/roundcube: update to 1.6.4 1.6.4 (2023-10-16) Security update. - Fix PHP8 warnings (#9142, #9160) - Fix default 'mime.types' path on Windows (#9113) - Managesieve: Fix javascript error when relational or spamtest extension is not enabled (#9139) - Fix cross-site scripting (XSS) vulnerability in handling of SVG in HTML messages (#9168) @ text @$NetBSD: patch-program_lib_Roundcube_rcube__mime.php,v 1.5 2022/08/19 13:09:38 taca Exp $ Fix path to /etc/. --- program/lib/Roundcube/rcube_mime.php.orig 2023-10-16 09:23:06.000000000 +0000 +++ program/lib/Roundcube/rcube_mime.php @@@@ -835,12 +835,12 @@@@ class rcube_mime $file_paths[] = 'C:/xampp/apache/conf/mime.types'; } else { - $file_paths[] = '/etc/mime.types'; - $file_paths[] = '/etc/httpd/mime.types'; - $file_paths[] = '/etc/httpd2/mime.types'; - $file_paths[] = '/etc/apache/mime.types'; - $file_paths[] = '/etc/apache2/mime.types'; - $file_paths[] = '/etc/nginx/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/httpd/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/httpd2/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/apache/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/apache2/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/nginx/mime.types'; $file_paths[] = '/usr/local/etc/httpd/conf/mime.types'; $file_paths[] = '/usr/local/etc/apache/conf/mime.types'; $file_paths[] = '/usr/local/etc/apache24/mime.types'; @ 1.5 log @mail/roundcube: restore patches Restore patches accidently removed by me. Noted by tnn@@ and thanks much. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: patch-program_lib_Roundcube_rcube__mime.php,v 1.3 2020/06/07 22:07:04 taca Exp $ d5 1 a5 1 --- program/lib/Roundcube/rcube_mime.php.orig 2018-04-11 11:06:18.000000000 +0000 d7 2 a8 2 @@@@ -790,12 +790,12 @@@@ class rcube_mime $file_paths[] = 'C:/xampp/apache/conf/mime.types.'; @ 1.4 log @roundcube: remove patches that were removed from distinfo during update @ text @@ 1.3 log @mail/roundcube: update to 1.4.5 Update roundcube to 1.4.5, including some security fixes. pkgsrc change: * Proper replace PHP interpreter. * Fix php-sockets option to work. RELEASE 1.4.5 ------------- - Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) - Fix so the database setup description is compatible with MySQL 8 (#7340) - Markasjunk: Fix regression in jsevent driver (#7361) - Fix missing flag indication on collapsed thread in Larry and Elastic (#7366) - Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367) - Mailvelope: Use sender's address to find pubkeys to check signatures (#7348) - Mailvelope: Fix Encrypt button hidden in Elastic (#7353) - Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392) - Fix error when user-configured skin does not exist anymore (#7271) - Elastic: Fix aspect ratio of a contact photo in mail preview (#7339) - Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382) - Security: Fix a couple of XSS issues in Installer (#7406) - Security: Fix XSS issue in template object 'username' (#7406) - Security: Better fix for CVE-2020-12641 - Security: Fix cross-site scripting (XSS) via malicious XML attachment @ text @d1 1 a1 1 $NetBSD$ @ 1.3.2.1 log @file patch-program_lib_Roundcube_rcube__mime.php was added on branch pkgsrc-2020Q1 on 2020-06-09 11:51:50 +0000 @ text @d1 25 @ 1.3.2.2 log @Pullup ticket #6231 - requested by taca mail/roundcube: security fix Revisions pulled up: - mail/roundcube-plugin-password/distinfo 1.18-1.19 - mail/roundcube/Makefile 1.93 - mail/roundcube/Makefile.common 1.18-1.19 - mail/roundcube/distinfo 1.69-1.70 - mail/roundcube/options.mk 1.17 - mail/roundcube/patches/patch-program_lib_Roundcube_rcube__mime.php 1.3 - mail/roundcube/patches/patch-rcube_mime_default deleted --- Module Name: pkgsrc Committed By: taca Date: Sun Jun 7 22:07:04 UTC 2020 Modified Files: pkgsrc/mail/roundcube: Makefile Makefile.common distinfo options.mk Added Files: pkgsrc/mail/roundcube/patches: patch-program_lib_Roundcube_rcube__mime.php Removed Files: pkgsrc/mail/roundcube/patches: patch-rcube_mime_default Log Message: mail/roundcube: update to 1.4.5 Update roundcube to 1.4.5, including some security fixes. pkgsrc change: * Proper replace PHP interpreter. * Fix php-sockets option to work. RELEASE 1.4.5 ------------- - Fix bug in extracting required plugins from composer.json that led to spurious error in log (#7364) - Fix so the database setup description is compatible with MySQL 8 (#7340) - Markasjunk: Fix regression in jsevent driver (#7361) - Fix missing flag indication on collapsed thread in Larry and Elastic (#7366) - Fix default keyservers (use keys.openpgp.org), add note about CORS (#7373, #7367) - Mailvelope: Use sender's address to find pubkeys to check signatures (#7348) - Mailvelope: Fix Encrypt button hidden in Elastic (#7353) - Fix PHP warning: count(): Parameter must be an array or an object... in ID command handler (#7392) - Fix error when user-configured skin does not exist anymore (#7271) - Elastic: Fix aspect ratio of a contact photo in mail preview (#7339) - Fix bug where PDF attachments marked as inline could have not been attached on mail forward (#7382) - Security: Fix a couple of XSS issues in Installer (#7406) - Security: Fix XSS issue in template object 'username' (#7406) - Security: Better fix for CVE-2020-12641 - Security: Fix cross-site scripting (XSS) via malicious XML attachment --- Module Name: pkgsrc Committed By: taca Date: Sun Jun 7 22:08:37 UTC 2020 Modified Files: pkgsrc/mail/roundcube-plugin-password: distinfo Log Message: mail/roundcube-plugin-password: update to 1.4.5 Update roundcube-plugin-password to 1.4.5 RELEASE 1.4.5 ------------- - Password: Fix issue with Modoboa driver (#7372) --- Module Name: pkgsrc Committed By: taca Date: Tue Jun 9 00:25:19 UTC 2020 Modified Files: pkgsrc/mail/roundcube: Makefile.common distinfo pkgsrc/mail/roundcube-plugin-password: distinfo Log Message: mail/roundcube: update to 1.14.6 Update roundcube to 1.14.6. RELEASE 1.4.6 ------------- - Installer: Fix regression in SMTP test section (#7417) @ text @a0 25 $NetBSD: patch-program_lib_Roundcube_rcube__mime.php,v 1.3 2020/06/07 22:07:04 taca Exp $ Fix path to /etc/. --- program/lib/Roundcube/rcube_mime.php.orig 2018-04-11 11:06:18.000000000 +0000 +++ program/lib/Roundcube/rcube_mime.php @@@@ -790,12 +790,12 @@@@ class rcube_mime $file_paths[] = 'C:/xampp/apache/conf/mime.types.'; } else { - $file_paths[] = '/etc/mime.types'; - $file_paths[] = '/etc/httpd/mime.types'; - $file_paths[] = '/etc/httpd2/mime.types'; - $file_paths[] = '/etc/apache/mime.types'; - $file_paths[] = '/etc/apache2/mime.types'; - $file_paths[] = '/etc/nginx/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/httpd/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/httpd2/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/apache/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/apache2/mime.types'; + $file_paths[] = '@@PKG_SYSCONFBASE@@/nginx/mime.types'; $file_paths[] = '/usr/local/etc/httpd/conf/mime.types'; $file_paths[] = '/usr/local/etc/apache/conf/mime.types'; $file_paths[] = '/usr/local/etc/apache24/mime.types'; @ 1.2 log @Update roundcube to 0.9.2. RELEASE 0.9.2 ------------- - Fix image thumbnails display in print mode (#1489134) - Fix height of message headers block (#1489108) - Fix timeout issue on drag&drop uploads (#1489170) - Fix default sorting of threaded list when THREAD=REFS isn't supported - Fix list mode switch to 'List' after saving list settings in Larry skin (#1489164) - Fix error when there's no writeable addressbook source (#1489162) - Fix zipdownload plugin issue with filenames charset (#1489156) - Fix so non-inline images aren't skipped on forward (#1489150) - Fix "null" instead of empty string on messages list in IE10 (#1489145) - Fix legacy options handling - Fix so bounces addresses in Sender headers are skipped on Reply-All (#1489011) - Fix bug where serialized strings were truncated in PDO::quote() (#1489142) - Fix displaying messages with invalid self-closing HTML tags (#1489137) - Fix PHP warning when responding to a message with many Return-Path headers (#1489136) - Fix unintentional compose window resize (#1489114) - Fix performance regression in text wrapping function (#1489133) - Fix connection to posgtres db using unix socket (#1489132) - Fix handling of comma when adding contact from contacts widget (#1489107) - Fix bug where a message was opened in both preview pane and new window on double-click (#1489122) - Fix fatal error when xdebug.max_nesting_level was exceeded in rcube_washtml (#1489110) - Fix PHP warning in html_table::set_row_attribs() in PHP 5.4 (#1489094) - Fix invalid option selected in default_font selector when font is unset (#1489112) - Fix displaying contact with ID divisible by 100 in sql addressbook (#1489121) - Fix browser warnings on PDF plugin detection (#1489118) - Fix fatal error when parsing UUencoded messages (#1489119) @ text @d1 1 a1 1 $NetBSD: patch-program_lib_Roundcube_rcube__mime.php,v 1.1 2013/06/15 16:08:09 taca Exp $ d3 1 a3 6 Fix from repository: * commit db108e37793c7f8fc8ba11f00d0561d1f0bd32c0: Fix another text wrapping issue (wrong handling of long unwrappable lines) * commit f031cb6c5e4fd3dcb7ea243d477825868d8ad17b: Fix performance regression in text wrapping function (#1489133) - don't use iconv here d5 1 a5 1 --- program/lib/Roundcube/rcube_mime.php.orig 2013-05-16 18:06:36.000000000 +0000 d7 2 a8 121 @@@@ -587,23 +587,20 @@@@ class rcube_mime */ public static function wordwrap($string, $width=75, $break="\n", $cut=false, $charset=null, $wrap_quoted=true) { - if (!$charset) { - $charset = RCUBE_CHARSET; - } + // Note: Never try to use iconv instead of mbstring functions here + // Iconv's substr/strlen are 100x slower (#1489113) - // detect available functions - $strlen_func = function_exists('iconv_strlen') ? 'iconv_strlen' : 'mb_strlen'; - $strpos_func = function_exists('iconv_strpos') ? 'iconv_strpos' : 'mb_strpos'; - $strrpos_func = function_exists('iconv_strrpos') ? 'iconv_strrpos' : 'mb_strrpos'; - $substr_func = function_exists('iconv_substr') ? 'iconv_substr' : 'mb_substr'; + if ($charset && $charset != RCUBE_CHARSET && function_exists('mb_internal_encoding')) { + mb_internal_encoding($charset); + } // Convert \r\n to \n, this is our line-separator $string = str_replace("\r\n", "\n", $string); $separator = "\n"; // must be 1 character length $result = array(); - while (($stringLength = $strlen_func($string, $charset)) > 0) { - $breakPos = $strpos_func($string, $separator, 0, $charset); + while (($stringLength = mb_strlen($string)) > 0) { + $breakPos = mb_strpos($string, $separator, 0); // quoted line (do not wrap) if ($wrap_quoted && $string[0] == '>') { @@@@ -612,7 +609,7 @@@@ class rcube_mime $cutLength = null; } else { - $subString = $substr_func($string, 0, $breakPos, $charset); + $subString = mb_substr($string, 0, $breakPos); $cutLength = $breakPos + 1; } } @@@@ -623,55 +620,54 @@@@ class rcube_mime $cutLength = null; } else { - $subString = $substr_func($string, 0, $breakPos, $charset); + $subString = mb_substr($string, 0, $breakPos); $cutLength = $breakPos + 1; } } else { - $subString = $substr_func($string, 0, $width, $charset); + $subString = mb_substr($string, 0, $width); // last line if ($breakPos === false && $subString === $string) { $cutLength = null; } else { - $nextChar = $substr_func($string, $width, 1, $charset); + $nextChar = mb_substr($string, $width, 1); if ($nextChar === ' ' || $nextChar === $separator) { - $afterNextChar = $substr_func($string, $width + 1, 1, $charset); + $afterNextChar = mb_substr($string, $width + 1, 1); if ($afterNextChar === false) { $subString .= $nextChar; } - $cutLength = $strlen_func($subString, $charset) + 1; + $cutLength = mb_strlen($subString) + 1; } else { - if ($strrpos_func[0] == 'm') { - $spacePos = $strrpos_func($subString, ' ', 0, $charset); - } - else { - $spacePos = $strrpos_func($subString, ' ', $charset); - } + $spacePos = mb_strrpos($subString, ' ', 0); if ($spacePos !== false) { - $subString = $substr_func($subString, 0, $spacePos, $charset); + $subString = mb_substr($subString, 0, $spacePos); $cutLength = $spacePos + 1; } + else if ($cut === false && $breakPos === false) { + $subString = $string; + $cutLength = null; + } else if ($cut === false) { - $spacePos = $strpos_func($string, ' ', 0, $charset); + $spacePos = mb_strpos($string, ' ', 0); if ($spacePos !== false && $spacePos < $breakPos) { - $subString = $substr_func($string, 0, $spacePos, $charset); + $subString = mb_substr($string, 0, $spacePos); $cutLength = $spacePos + 1; } else { - $subString = $substr_func($string, 0, $breakPos, $charset); + $subString = mb_substr($string, 0, $breakPos); $cutLength = $breakPos + 1; } } else { - $subString = $substr_func($subString, 0, $width, $charset); + $subString = mb_substr($subString, 0, $width); $cutLength = $width; } } @@@@ -681,13 +677,17 @@@@ class rcube_mime $result[] = $subString; if ($cutLength !== null) { - $string = $substr_func($string, $cutLength, ($stringLength - $cutLength), $charset); + $string = mb_substr($string, $cutLength, ($stringLength - $cutLength)); } else { break; } d10 16 a25 17 + if ($charset && $charset != RCUBE_CHARSET && function_exists('mb_internal_encoding')) { + mb_internal_encoding(RCUBE_CHARSET); + } + return implode($break, $result); } @@@@ -795,7 +795,7 @@@@ class rcube_mime } foreach ($file_paths as $fp) { - if (is_readable($fp)) { + if (@@is_readable($fp)) { $lines = file($fp, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); break; } @ 1.1 log @Update roundcube to 0.9.1. Changes are too any to write here and please refer CHANGELOG. pkgsrc changes: * Add note to enable access_compat_module Apache 2.3 or later. * Make php-mcrypt mandatory. * Clean up PKG_OPTIONS. * Add several patches from official repository. @ text @d1 1 a1 1 $NetBSD$ @