Publishing details
Changelog
roundcube (1.4.3+dfsg.1-1) unstable; urgency=medium
* New upstream release.
* d/roundcube-core.post*:
+ Replace tabs with spaces.
+ Pass flag '-f' to rm(1).
* d/roundcube-core.postinst:
+ Create temporary config file with restricted permissions. Previously
the file was created with mode 0644 (minus umask), possibly leaking
secrets to a local attacker during a short time window. (The file was,
and still is, removed later during the postinst stage.)
+ If the config file /etc/roundcube/config.inc.php already exists, don't
override its ownership or mode. Otherwise (atomically) create it with
owner root:www-data and mode 0640, like before. (Closes: #951194)
+ Honor dpkg-statoverride(1) rules on /var/lib/roundcube/temp and
/var/log/roundcube: don't chown/chmod these directories if the local
admin has defined overrides.
* d/roundcube-core.postrm:
+ Also remove '.ucf-{new,old,dist}'-suffixed configuration files on purge,
as suggested by ucf(1).
+ Only recursively remove /var/lib/roundcube/temp on purge, not its
parent /var/lib/roundcube. Roundcube needs only write access to the
temp dir.
* d/patches/update_script.patch: Restore patch removed in 1.4.1+dfsg.1-1
to fix the ucf logic.
* d/patches/dbconfig-common_support.patch: Use C++ style comment for
consistency.
-- Guilhem Moulin <email address hidden> Mon, 24 Feb 2020 06:39:10 +0100
Builds
Built packages
-
roundcube
skinnable AJAX based webmail solution for IMAP servers - metapackage
-
roundcube-core
skinnable AJAX based webmail solution for IMAP servers
-
roundcube-mysql
metapackage providing MySQL dependencies for RoundCube
-
roundcube-pgsql
metapackage providing PostgreSQL dependencies for RoundCube
-
roundcube-plugins
skinnable AJAX based webmail solution for IMAP servers - plugins
-
roundcube-sqlite3
metapackage providing SQLite dependencies for RoundCube
Package files