Subject: PR/31260 CVS commit: [pkgsrc-2005Q3] pkgsrc/www/horde3
To: None <ben@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-bugs
Date: 11/26/2005 15:34:02
The following reply was made to PR pkg/31260; it has been noted by GNATS.

From: Lubomir Sedlacik <salo@netbsd.org>
To: gnats-bugs@netbsd.org
Cc: 
Subject: PR/31260 CVS commit: [pkgsrc-2005Q3] pkgsrc/www/horde3
Date: Sat, 26 Nov 2005 15:33:00 +0000 (UTC)

 Module Name:	pkgsrc
 Committed By:	salo
 Date:		Sat Nov 26 15:33:00 UTC 2005
 
 Modified Files:
 	pkgsrc/www/horde3 [pkgsrc-2005Q3]: Makefile PLIST distinfo
 Added Files:
 	pkgsrc/www/horde3/patches [pkgsrc-2005Q3]: patch-aa
 
 Log Message:
 Pullup ticket 930 - requested by Adrian Portelli
 security fix for horde3
 
 Revisions pulled up:
 - pkgsrc/www/horde3/Makefile		1.11, 1.12
 - pkgsrc/www/horde3/PLIST		1.5, 1.6
 - pkgsrc/www/horde3/distinfo		1.5, 1.6, 1.7
 - pkgsrc/www/horde3/patches/patch-aa	1.1
 
    Module Name:		pkgsrc
    Committed By:	ben
    Date:		Wed Oct 12 16:32:26 UTC 2005
 
    Modified Files:
    	pkgsrc/www/horde3: distinfo
    Added Files:
    	pkgsrc/www/horde3/patches: patch-aa
 
    Log Message:
    su-based authentication was OS-specific and broken on NetBSD.
    Fix su-based authentication.  This addresses PR#31260.
 ---
    Module Name:		pkgsrc
    Committed By:	adrianp
    Date:		Thu Oct 13 18:13:22 UTC 2005
 
    Modified Files:
    	pkgsrc/www/horde3: Makefile PLIST distinfo
 
    Log Message:
    Update to horde 3.0.5
    From the CHANGELOG:
    >  	------
    >   	v3.0.5
    >   	------
    >
    >   	[mms] Fix VFS's autocreatePath() for directory paths containing
    >          the root directory.
    >   	[jan] Fix cyrsql authentication driver with unixhierarchysep enabled
    >   	      (sgrondin@csbf.qc.ca, Bug 2367).
    >   	[mms] Fix nested IMAP AND searches.
    >   	[mms] In sql VFS driver, allow the use of '/' at the beginning of
    >          a path to indicate the base directory.
    >   	[jan] Fix returning to last page after sending problem report (Bug
    >   	      2350).
    >   	[mms] Fix a bug that caused hook code to be run unnecessarily after
    >   	      a user is already logged in.
    >
    >
    >   	----------
    >   	v3.0.5-RC2
    >   	----------
    >
    >   	[cjh] Fix a far-reaching DataTree bug in loading parent ids (Bug
    >   	      2203).
    >
    >
    >   	----------
    >   	v3.0.5-RC1
    >   	----------
    >
    >   	[jan] Add Bosnian translation (Vedran Ljubovic
    >   	      <vljubovic@smartnet.ba>).
    >   	[cjh] Let Horde_Tree handle all indent calculation based on
    >   	      parent/child relationships (Bug 2198).
    >   	[cjh] Add initial LDAP SessionHandler driver.
    >   	[cjh] Use row-level locking or transactions where possible to avoid
    >   	      session corruption in SessionHandler (Bug 1580).
    >   	[mms] Add the memcached SessionHandler:: driver (Rong-En Fan
    >   	      <rafan@csie.org>).
    >   	[mms] Fix verification of MIME strings with escaped quotes (Bug 2168).
    >   	[jan] Fix generation of free periods in free/busy code with
    >   	      overlapping events.
    >   	[jan] Don't show Options button in problem reporting page.
    >   	[jan] Add Util::realPath() method.
    >   	[mas] Include version numbers for applications on Admin Setup screen.
    >   	      (Bug 1420)
    >   	[mas] Change IMAP Auth driver to use imap/notls by default in non-DSN
    >   	      mode to match DSN mode.
    >   	[mas] Add tls and self-signed certificate configuration options to
    >   	      IMAP Auth driver. (Bug 1357)
    >   	[cjh] Recognize Opera 8+ as providing advanced features (Bug 2066).
    >   	[cjh] Fix reading of binary files on Windows in VC_svn (Bug 2036).
    >   	[mas] Fix SQL 'LIKE' case-insensitive comparison. (Bug 2030)
    >   	[jan] Allow charset aware IMAP searches.
    >   	[jan] Fix Google search block for non-ascii characters (Bug 1329).
    >   	[jan] Add quick-install instructions.
    >   	[jan] Improve performance of several framework packages.
    >   	[mms] Fix MIME_Contents:: caching in PHP 5 (Bug 1410).
    >   	[jan] Fix VC SVN backend to support user names with spaces
    >   	      (shimmanning@gmail.com, Bug 1919).
    >   	[cjh] Escape HTML in identity names (Bug 1910).
    >   	[mas] Use updated PostgreSQL function names.
    >   	[ben] Update application list in horde's LDAP schema
    >   	[cjh] Enforce maxlength restrictions in Horde_Form validation (Bug
    >   	      1895).
    >   	[jan] Disable weather.com Block if not configured.
    >   	[cjh] Include sourceroot in VC cache keys (Bug 1783).
    >   	[jan] Add SQL script and instructions for MSDE databases (Bugs 1862,
    >   	      1870, jeff@image-src.com).
    >   	[jan] Allow portal blocks to be larger than two column/rows (Bugs
    >   	      1189, 1632).
    >   	[jan] Add SMTP authentication to problem reporting (Bug 1128).
    >   	[jan] Support help files in admin directory with translations.php
    >          (Bug 1344).
    >   	[jan] Fixed SQL binding for ODBC and MSSQL drivers (Bug 1816).
    >   	[jan] Add configuration option to set location of MIME magic database.
    >   	[mms] Make sure headers in a MIME_Part are encoded with the same
    >   	      character set used in that MIME_Part (Bug 1591).
    >   	[mms] Add List-Headers listed in RFC 2369 to the list of MIME Headers
    >   	      that can only appear once in a single header (Bug 1766).
    >   	[cjh] Fix typo in parsing of FREEBUSY data (Bug 1590).
    >   	[jan] Support SQLite and Oracle in all SQL backend configurations.
    >   	[cjh] Use bind variables in the Auth, VFS, and SessionHandler SQL
    >   	      drivers, and in scripts/remove_prefs.php (selsky@columbia.edu,
    >          Bugs 1665, 1666, 1667, 1668, 1677).
    >   	[cjh] session_set_cookie_params() expects a relative timeout;
    >   	      setcookie wants absolute. Go back to a configinteger for
    >   	      $conf['session']['timeout'] and add time() to that value in
    >          setcookie() calls (Bugs 1302, 1658).
    >   	      THIS MAY BREAK CONFIGURATIONS SET TO USE PHP CODE. MAKE SURE TO
    >   	      UPDATE YOUR $conf['session']['timeout'] SETTING AFTER UPGRADING.
    >   	[cjh] Use bind variables in the Prefs and Token SQL drivers
    >   	      (selsky@columbia.edu, Bugs 1652, 1653).
    >   	[mms] Prune expanded folders that no longer exist in IMAP_Tree
    >          (Bug 1517).
    >   	[cjh] Don't try to compress output if ZPS compression is on (Bug
    >   	      1626).
    >   	[cjh] If an app only has one prefGroup, always show that prefGroup
    >   	      instead of showing an overview screen with only one entry.
 ---
    Module Name:		pkgsrc
    Committed By:	adrianp
    Date:		Fri Nov 25 20:59:16 UTC 2005
 
    Modified Files:
    	pkgsrc/www/horde3: Makefile PLIST distinfo
 
    Log Message:
    Update to horde 3.0.7
    From the CHANGES:
    > Major changes compared to the Horde version 3.0.5 are:
    >     * Fixed sidebar menu layout with Opera browsers.
    >     * Fixed calendar popup with Safari browsers.
    >     * Fixed blank screens with Internet Explorer browsers after logins.
    >     * Fixed warnings with PHP 4.4.0 and 5.0.5.
    >     * Added ability to enable and disable IMSP globally.
    >     * Fixed URL generation with some PHP CGI setups.
    >     * Fixed sharing with groups if using group hooks.
    >     * Updated Finnish, French, German, Hungarian, Korean, Polish, Slovak,
    >       Turkish, and Traditional Chinese translations.
    >     * Minor improvements and bug fixes.
    >
    > Major changes compared to the Horde version 3.0.6 are:
    >     * Fixed cross site scripting vulnerabilities in the gzip/tar and css
    >     MIME
    >       viewers.
    >     * Fixed MySQL session handler.
 
 
 To generate a diff of this commit:
 cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/www/horde3/Makefile
 cvs rdiff -r1.4 -r1.4.4.1 pkgsrc/www/horde3/PLIST pkgsrc/www/horde3/distinfo
 cvs rdiff -r0 -r1.1.2.1 pkgsrc/www/horde3/patches/patch-aa
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.