summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAaron W. Swenson <titanofold@gentoo.org>2018-11-04 06:00:31 -0500
committerAaron W. Swenson <titanofold@gentoo.org>2018-11-04 06:00:34 -0500
commitda4ec2b100597b0e25a43e10059ac2dbfba3dd0e (patch)
treefe55884033e4a054d514b79b12d35ff96e283c30
parentdev-java/maven-bin: version bump (diff)
downloadgentoo-da4ec2b100597b0e25a43e10059ac2dbfba3dd0e.tar.gz
gentoo-da4ec2b100597b0e25a43e10059ac2dbfba3dd0e.tar.bz2
gentoo-da4ec2b100597b0e25a43e10059ac2dbfba3dd0e.zip
mail-client/roundcube: Security Bump to 1.3.8
Resolves a XSS vulnerability. Additionally, contains updates to ensure compatibility with PHP 7.3 and recent versions of Courier-IMAP, Dovecot and MySQL 8. Bug: https://bugs.gentoo.org/669696 Package-Manager: Portage-2.3.49, Repoman-2.3.11 Signed-off-by: Aaron Swenson <titanofold@gentoo.org>
-rw-r--r--mail-client/roundcube/Manifest1
-rw-r--r--mail-client/roundcube/roundcube-1.3.8.ebuild96
2 files changed, 97 insertions, 0 deletions
diff --git a/mail-client/roundcube/Manifest b/mail-client/roundcube/Manifest
index a37da701442..18b020db29d 100644
--- a/mail-client/roundcube/Manifest
+++ b/mail-client/roundcube/Manifest
@@ -1,2 +1,3 @@
DIST roundcubemail-1.3.6-complete.tar.gz 5529370 BLAKE2B 49fd04d81b7047c61d33007b49aff2fe8d68fb0572d305b51aa0ae997c06e4924a3ff32861c19741f0c4d82adb9abb317781de8c1b324120e57d77f413cfa480 SHA512 fc1627d4b539742524c43b3faaa8cb5d64f934ad03f7cf8a461580a3a38dccb11140d08499b988742a0892534b1eda52f37a50f0911015983b6e27703294c70e
DIST roundcubemail-1.3.7-complete.tar.gz 5533537 BLAKE2B 48d0c8e50d3d4878fa901bde40791bd9f6b11498f1acfed798bdd889817dc58baeec1985ad67b82326b48428f08b40730f301d2383df5a8700cf89bd31c01c0f SHA512 2e6c1e94866750835d843b4f4ea77148e467dfbee3a15e20bd7c9086c11ad9919f0ddc6097c40cacfcdbc2ceacf2f6fb1b7e8546a7fcb9f20d0e5bf84283d724
+DIST roundcubemail-1.3.8-complete.tar.gz 5534385 BLAKE2B 2f0cb528d0901d267c74d57baa18d1f057fdd2eb0f872f3cef1053847861998f8c6551fc17506ae365086ed1f86c3ee9e73a96adb2e43c6c32025e7afaf63710 SHA512 34dc9205cd93be6d6551086f4d22654dad7213b4b09000dc4def08357acdc634744ce1f560144a3d3b46e936258e90482e77fc4c691a55c205bcfdfe3745441e
diff --git a/mail-client/roundcube/roundcube-1.3.8.ebuild b/mail-client/roundcube/roundcube-1.3.8.ebuild
new file mode 100644
index 00000000000..0fe303dc98b
--- /dev/null
+++ b/mail-client/roundcube/roundcube-1.3.8.ebuild
@@ -0,0 +1,96 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit webapp
+
+MY_PN=${PN}mail
+MY_P=${MY_PN}-${PV}
+
+DESCRIPTION="A browser-based multilingual IMAP client with an application-like user interface"
+HOMEPAGE="https://roundcube.net"
+SRC_URI="https://github.com/${PN}/${MY_PN}/releases/download/${PV}/${MY_P}-complete.tar.gz"
+
+# roundcube is GPL-licensed, the rest of the licenses here are
+# for bundled PEAR components, googiespell and utf8.class.php
+LICENSE="GPL-3 BSD PHP-2.02 PHP-3 MIT public-domain"
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="change-password enigma ldap managesieve mysql postgres sqlite ssl spell"
+REQUIRED_USE="|| ( mysql postgres sqlite )"
+
+# this function only sets DEPEND so we need to include that in RDEPEND
+need_httpd_cgi
+
+# :TODO: Support "endriod/qrcode: ~1.6.5" dep (ebuild needed)
+RDEPEND="
+ ${DEPEND}
+ >=dev-lang/php-5.4.0[filter,gd,iconv,json,ldap?,pdo,postgres?,session,sqlite?,ssl?,unicode,xml]
+ >=dev-php/PEAR-Auth_SASL-1.1.0
+ >=dev-php/PEAR-Mail_Mime-1.10.0
+ >=dev-php/PEAR-Mail_mimeDecode-1.5.5
+ >=dev-php/PEAR-Net_IDNA2-0.2.0
+ >=dev-php/PEAR-Net_SMTP-1.7.1
+ virtual/httpd-php
+ change-password? (
+ >=dev-php/PEAR-Net_Socket-1.2.1
+ dev-lang/php[sockets]
+ )
+ enigma? (
+ >=dev-php/PEAR-Crypt_GPG-1.6.0
+ app-crypt/gnupg
+ )
+ ldap? (
+ >=dev-php/PEAR-Net_LDAP2-2.2.0
+ dev-php/PEAR-Net_LDAP3
+ )
+ managesieve? ( >=dev-php/PEAR-Net_Sieve-1.4.0 )
+ mysql? (
+ || (
+ dev-lang/php[mysql]
+ dev-lang/php[mysqli]
+ )
+ )
+ spell? ( dev-lang/php[curl,spell] )
+"
+
+S="${WORKDIR}/${MY_P}"
+
+src_prepare() {
+ default
+
+ # Redundant. (Bug #644896)
+ rm -r vendor/pear || die
+ # Remove references to PEAR. (Bug #650910)
+ cp "${FILESDIR}"/roundcube-1.3.7-pear-removed-installed.json \
+ vendor/composer/installed.json \
+ || die
+}
+
+src_install() {
+ webapp_src_preinst
+
+ dodoc CHANGELOG INSTALL README.md UPGRADING
+
+ insinto "${MY_HTDOCSDIR}"
+ doins -r [[:lower:]]* SQL
+ doins .htaccess
+
+ webapp_serverowned "${MY_HTDOCSDIR}"/logs
+ webapp_serverowned "${MY_HTDOCSDIR}"/temp
+
+ webapp_configfile "${MY_HTDOCSDIR}"/config/defaults.inc.php
+ webapp_postupgrade_txt en "${FILESDIR}/POST-UPGRADE.txt"
+
+ webapp_src_install
+}
+
+pkg_postinst() {
+ webapp_pkg_postinst
+
+ if [[ -n ${REPLACING_VERSIONS} ]]; then
+ elog "You can review the post-upgrade instructions at:"
+ elog "${EROOT%/}/usr/share/webapps/${PN}/${PV}/postupgrade-en.txt"
+ fi
+}