Change log for collabtive package in Ubuntu

collabtive (2.0+dfsg-6ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: server-side arbitrary code execution
    - debian/patches/CVE-2015-0258.patch: Fix avatar upload filename blacklist
      functionality in manageuser.php.
    - CVE-2015-0258

 -- Avital Ostromich <email address hidden>  Fri, 09 Oct 2020 09:56:14 -0400

Available diffs

• diff from 2.0+dfsg-6ubuntu1 (in Ubuntu) to 2.0+dfsg-6ubuntu1.1 (789 bytes)

collabtive (2.0+dfsg-6ubuntu1) xenial; urgency=medium

  * Update to PHP7.0 dependencies (LP: #1544352).

 -- Nishanth Aravamudan <email address hidden>  Fri, 12 Feb 2016 09:07:31 -0800

Available diffs

• diff from 2.0+dfsg-6 (in Debian) to 2.0+dfsg-6ubuntu1 (933 bytes)

collabtive (2.0+dfsg-6) unstable; urgency=low


  * Use systemwide versions of php-seclib and php-htmlpurifier instead
    of the provided convenience copies (Closes: #781414)

 -- Gunnar Wolf <email address hidden>  Mon, 06 Apr 2015 19:26:14 -0500

Available diffs

• diff from 2.0+dfsg-5 to 2.0+dfsg-6 (1.5 KiB)

collabtive (2.0+dfsg-5) unstable; urgency=medium


  * Forgot one file to patch in the just-uploaded patch :-P

 -- Gunnar Wolf <email address hidden>  Tue, 21 Oct 2014 12:36:36 -0500

Available diffs

• diff from 1.2+dfsg2-1 to 2.0+dfsg-5 (782.2 KiB)

collabtive (1.2+dfsg2-1) unstable; urgency=medium


  * Repacked upstream sources to include non-free file (which is not
    directly used by the built package) (Closes: #752211)
  * Fixed the dversionmangle in debian/watch

 -- Gunnar Wolf <email address hidden>  Sun, 22 Jun 2014 09:31:12 -0500

Available diffs

• diff from 1.2+dfsg-2 to 1.2+dfsg2-1 (1.4 KiB)

collabtive (1.2+dfsg-2) unstable; urgency=high


  * Reliability patch: Check queries return objects before iterating
    over them, avoiding PHP errors (and ugly blank screens)
  * Fix a SQL injection vulnerability in project.datei.php (ref: CVE-
    2014-3246) (Closes: #748828)

 -- Gunnar Wolf <email address hidden>  Fri, 23 May 2014 11:27:55 -0500

Available diffs

• diff from 1.2+dfsg-1 to 1.2+dfsg-2 (10.5 KiB)

collabtive (1.2+dfsg-1) unstable; urgency=medium


  * Start looking into missing minified JS sources (#744286); add the
    sources for lytebox in debian/missing-sources
  * Add the contents from the old (from version 0.7-1)
    include/js/uncrompressed (sp) as debian/missing-sources (Closes:
    #744286)
  * Add a build-dep on apache2-dev instead of dh-apache2 (per lintian
    warning)
  * Explicitly exclude tiny_mce in debian/copyright
  * Updated the declared file version in debian/copyright to allow for
    auto-dfsg-repacking

 -- Gunnar Wolf <email address hidden>  Sat, 12 Apr 2014 11:01:27 -0500

Available diffs

• diff from 1.2-2 to 1.2+dfsg-1 (384.4 KiB)

collabtive (1.2-2) unstable; urgency=low


  * Fix symlinks that pointed to the package maintainer's home directory
    :-P (Closes: #736424)
  * Remove the symlink to the pre-apache2.4 config file if it exists in
    the preinst

 -- Gunnar Wolf <email address hidden>  Thu, 23 Jan 2014 10:30:30 -0600

Available diffs

• diff from 1.2-1 to 1.2-2 (1.7 KiB)

collabtive (1.2-1) unstable; urgency=low


  * New upstream release
  * Modified debian/watch to track tags via githubredir
  * Updated patches; dropped descriptive_subject_in_mails and
    fix_datei_arbitrary_execution (applied upstream)

 -- Gunnar Wolf <email address hidden>  Sun, 19 Jan 2014 13:28:47 -0600

Available diffs

• diff from 1.1-1 to 1.2-1 (2.1 MiB)

collabtive (1.1-1) unstable; urgency=low


  * New upstream release
  * Added dependency on php-tcpdf — upstream ships convenience copy,
    replacing by the relevant symlinks.
  * Standards-version 3.9.3→3.9.5 (no changes needed)
  * Move the Apache config snippet from /etc/apache2/conf.d to
    /etc/apache2/conf-available, supporting the >=2.4 configuration
    style (Closes: #669833)
  * Build-depend on dh_apache2 to handle webserver reconfiguration logic
  * Ensured Collabtive plays nicely with Smarty3 (Closes: #672399)

 -- Gunnar Wolf <email address hidden>  Mon, 09 Sep 2013 23:09:24 -0500

Available diffs

• diff from 1.0-1 to 1.1-1 (2.0 MiB)

collabtive (1.0-1) unstable; urgency=low


  * Disable directory indexes in the apache.conf snippet following
    Bugtraq recommendation (re: already closed #676311)
  * New upstream release

 -- Gunnar Wolf <email address hidden>  Mon, 06 May 2013 18:12:42 -0500

Available diffs

• diff from 0.7.6-1 to 1.0-1 (983.4 KiB)

collabtive (0.7.6-1) unstable; urgency=low


  * New upstream release

 -- Gunnar Wolf <email address hidden>  Wed, 30 May 2012 11:50:05 -0500

Available diffs

• diff from 0.7.5-5 to 0.7.6-1 (37.3 KiB)

collabtive (0.7.5-5) unstable; urgency=low


  * The "smarty" package is gone - Use "smarty3" instead (Closes: #657536,
    #663389)

 -- Gunnar Wolf <email address hidden>  Mon, 12 Mar 2012 16:44:55 -0600

Available diffs

• diff from 0.7-1.1 to 0.7.5-5 (279.6 KiB)

collabtive (0.7-1.1) unstable; urgency=low


  * Non-maintainer upload.
  * Fix "sources file that was removed in postrm purge": check if
    wwwconfig-common script exists before sourcing it (closes: #635448).
  * debian/watch: improve uversionmangle (remove trailing dot).

 -- gregor herrmann <email address hidden>  Fri, 23 Sep 2011 16:25:10 +0200

collabtive (0.7-1) unstable; urgency=low

  * New upstream release
  * Standards version 3.9.1.0→3.9.2.0 (no changes needed)
  * Fixed non-working debian/repack.sh
  * Dropping patches "allow_single_digit_times" and
    "reflect_current_version", as they have been applied upstream
  * Moved the configuration file from /etc/collabtive/standard to
    /etc/collabtive
  * Disabled the install.php script, as it is a security liability
  * Call update.php on updates
 -- Ubuntu Archive Auto-Sync <email address hidden>   Sat,  04 Jun 2011 06:09:58 +0000

Available diffs

• diff from 0.6.5-5 to 0.7-1 (1.2 MiB)

collabtive (0.6.5-5) unstable; urgency=low

  * First version uploaded to Debian (Closes: #616123)