Subject: PR/31260 CVS commit: [pkgsrc-2005Q3] pkgsrc/www/horde3
To: None <ben@netbsd.org, gnats-admin@netbsd.org, pkgsrc-bugs@netbsd.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-bugs
Date: 11/26/2005 15:34:02
The following reply was made to PR pkg/31260; it has been noted by GNATS.
From: Lubomir Sedlacik <salo@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/31260 CVS commit: [pkgsrc-2005Q3] pkgsrc/www/horde3
Date: Sat, 26 Nov 2005 15:33:00 +0000 (UTC)
Module Name: pkgsrc
Committed By: salo
Date: Sat Nov 26 15:33:00 UTC 2005
Modified Files:
pkgsrc/www/horde3 [pkgsrc-2005Q3]: Makefile PLIST distinfo
Added Files:
pkgsrc/www/horde3/patches [pkgsrc-2005Q3]: patch-aa
Log Message:
Pullup ticket 930 - requested by Adrian Portelli
security fix for horde3
Revisions pulled up:
- pkgsrc/www/horde3/Makefile 1.11, 1.12
- pkgsrc/www/horde3/PLIST 1.5, 1.6
- pkgsrc/www/horde3/distinfo 1.5, 1.6, 1.7
- pkgsrc/www/horde3/patches/patch-aa 1.1
Module Name: pkgsrc
Committed By: ben
Date: Wed Oct 12 16:32:26 UTC 2005
Modified Files:
pkgsrc/www/horde3: distinfo
Added Files:
pkgsrc/www/horde3/patches: patch-aa
Log Message:
su-based authentication was OS-specific and broken on NetBSD.
Fix su-based authentication. This addresses PR#31260.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Oct 13 18:13:22 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile PLIST distinfo
Log Message:
Update to horde 3.0.5
From the CHANGELOG:
> ------
> v3.0.5
> ------
>
> [mms] Fix VFS's autocreatePath() for directory paths containing
> the root directory.
> [jan] Fix cyrsql authentication driver with unixhierarchysep enabled
> (sgrondin@csbf.qc.ca, Bug 2367).
> [mms] Fix nested IMAP AND searches.
> [mms] In sql VFS driver, allow the use of '/' at the beginning of
> a path to indicate the base directory.
> [jan] Fix returning to last page after sending problem report (Bug
> 2350).
> [mms] Fix a bug that caused hook code to be run unnecessarily after
> a user is already logged in.
>
>
> ----------
> v3.0.5-RC2
> ----------
>
> [cjh] Fix a far-reaching DataTree bug in loading parent ids (Bug
> 2203).
>
>
> ----------
> v3.0.5-RC1
> ----------
>
> [jan] Add Bosnian translation (Vedran Ljubovic
> <vljubovic@smartnet.ba>).
> [cjh] Let Horde_Tree handle all indent calculation based on
> parent/child relationships (Bug 2198).
> [cjh] Add initial LDAP SessionHandler driver.
> [cjh] Use row-level locking or transactions where possible to avoid
> session corruption in SessionHandler (Bug 1580).
> [mms] Add the memcached SessionHandler:: driver (Rong-En Fan
> <rafan@csie.org>).
> [mms] Fix verification of MIME strings with escaped quotes (Bug 2168).
> [jan] Fix generation of free periods in free/busy code with
> overlapping events.
> [jan] Don't show Options button in problem reporting page.
> [jan] Add Util::realPath() method.
> [mas] Include version numbers for applications on Admin Setup screen.
> (Bug 1420)
> [mas] Change IMAP Auth driver to use imap/notls by default in non-DSN
> mode to match DSN mode.
> [mas] Add tls and self-signed certificate configuration options to
> IMAP Auth driver. (Bug 1357)
> [cjh] Recognize Opera 8+ as providing advanced features (Bug 2066).
> [cjh] Fix reading of binary files on Windows in VC_svn (Bug 2036).
> [mas] Fix SQL 'LIKE' case-insensitive comparison. (Bug 2030)
> [jan] Allow charset aware IMAP searches.
> [jan] Fix Google search block for non-ascii characters (Bug 1329).
> [jan] Add quick-install instructions.
> [jan] Improve performance of several framework packages.
> [mms] Fix MIME_Contents:: caching in PHP 5 (Bug 1410).
> [jan] Fix VC SVN backend to support user names with spaces
> (shimmanning@gmail.com, Bug 1919).
> [cjh] Escape HTML in identity names (Bug 1910).
> [mas] Use updated PostgreSQL function names.
> [ben] Update application list in horde's LDAP schema
> [cjh] Enforce maxlength restrictions in Horde_Form validation (Bug
> 1895).
> [jan] Disable weather.com Block if not configured.
> [cjh] Include sourceroot in VC cache keys (Bug 1783).
> [jan] Add SQL script and instructions for MSDE databases (Bugs 1862,
> 1870, jeff@image-src.com).
> [jan] Allow portal blocks to be larger than two column/rows (Bugs
> 1189, 1632).
> [jan] Add SMTP authentication to problem reporting (Bug 1128).
> [jan] Support help files in admin directory with translations.php
> (Bug 1344).
> [jan] Fixed SQL binding for ODBC and MSSQL drivers (Bug 1816).
> [jan] Add configuration option to set location of MIME magic database.
> [mms] Make sure headers in a MIME_Part are encoded with the same
> character set used in that MIME_Part (Bug 1591).
> [mms] Add List-Headers listed in RFC 2369 to the list of MIME Headers
> that can only appear once in a single header (Bug 1766).
> [cjh] Fix typo in parsing of FREEBUSY data (Bug 1590).
> [jan] Support SQLite and Oracle in all SQL backend configurations.
> [cjh] Use bind variables in the Auth, VFS, and SessionHandler SQL
> drivers, and in scripts/remove_prefs.php (selsky@columbia.edu,
> Bugs 1665, 1666, 1667, 1668, 1677).
> [cjh] session_set_cookie_params() expects a relative timeout;
> setcookie wants absolute. Go back to a configinteger for
> $conf['session']['timeout'] and add time() to that value in
> setcookie() calls (Bugs 1302, 1658).
> THIS MAY BREAK CONFIGURATIONS SET TO USE PHP CODE. MAKE SURE TO
> UPDATE YOUR $conf['session']['timeout'] SETTING AFTER UPGRADING.
> [cjh] Use bind variables in the Prefs and Token SQL drivers
> (selsky@columbia.edu, Bugs 1652, 1653).
> [mms] Prune expanded folders that no longer exist in IMAP_Tree
> (Bug 1517).
> [cjh] Don't try to compress output if ZPS compression is on (Bug
> 1626).
> [cjh] If an app only has one prefGroup, always show that prefGroup
> instead of showing an overview screen with only one entry.
---
Module Name: pkgsrc
Committed By: adrianp
Date: Fri Nov 25 20:59:16 UTC 2005
Modified Files:
pkgsrc/www/horde3: Makefile PLIST distinfo
Log Message:
Update to horde 3.0.7
From the CHANGES:
> Major changes compared to the Horde version 3.0.5 are:
> * Fixed sidebar menu layout with Opera browsers.
> * Fixed calendar popup with Safari browsers.
> * Fixed blank screens with Internet Explorer browsers after logins.
> * Fixed warnings with PHP 4.4.0 and 5.0.5.
> * Added ability to enable and disable IMSP globally.
> * Fixed URL generation with some PHP CGI setups.
> * Fixed sharing with groups if using group hooks.
> * Updated Finnish, French, German, Hungarian, Korean, Polish, Slovak,
> Turkish, and Traditional Chinese translations.
> * Minor improvements and bug fixes.
>
> Major changes compared to the Horde version 3.0.6 are:
> * Fixed cross site scripting vulnerabilities in the gzip/tar and css
> MIME
> viewers.
> * Fixed MySQL session handler.
To generate a diff of this commit:
cvs rdiff -r1.10 -r1.10.2.1 pkgsrc/www/horde3/Makefile
cvs rdiff -r1.4 -r1.4.4.1 pkgsrc/www/horde3/PLIST pkgsrc/www/horde3/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/www/horde3/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.