[gentoo-commits] repo/gentoo:master commit in: mail-client/roundcube/

Sun, 04 Nov 2018 03:01:35 -0800 

commit:     da4ec2b100597b0e25a43e10059ac2dbfba3dd0e
Author:     Aaron W. Swenson <titanofold <AT> gentoo <DOT> org>
AuthorDate: Sun Nov  4 11:00:31 2018 +0000
Commit:     Aaron Swenson <titanofold <AT> gentoo <DOT> org>
CommitDate: Sun Nov  4 11:00:34 2018 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da4ec2b1

mail-client/roundcube: Security Bump to 1.3.8

Resolves a XSS vulnerability.

Additionally, contains updates to ensure compatibility with PHP 7.3 and recent
versions of Courier-IMAP, Dovecot and MySQL 8.

Bug: https://bugs.gentoo.org/669696
Package-Manager: Portage-2.3.49, Repoman-2.3.11
Signed-off-by: Aaron Swenson <titanofold <AT> gentoo.org>

 mail-client/roundcube/Manifest               |  1 +
 mail-client/roundcube/roundcube-1.3.8.ebuild | 96 ++++++++++++++++++++++++++++
 2 files changed, 97 insertions(+)

diff --git a/mail-client/roundcube/Manifest b/mail-client/roundcube/Manifest
index a37da701442..18b020db29d 100644
--- a/mail-client/roundcube/Manifest
+++ b/mail-client/roundcube/Manifest
@@ -1,2 +1,3 @@
 DIST roundcubemail-1.3.6-complete.tar.gz 5529370 BLAKE2B 
49fd04d81b7047c61d33007b49aff2fe8d68fb0572d305b51aa0ae997c06e4924a3ff32861c19741f0c4d82adb9abb317781de8c1b324120e57d77f413cfa480
 SHA512 
fc1627d4b539742524c43b3faaa8cb5d64f934ad03f7cf8a461580a3a38dccb11140d08499b988742a0892534b1eda52f37a50f0911015983b6e27703294c70e
 DIST roundcubemail-1.3.7-complete.tar.gz 5533537 BLAKE2B 
48d0c8e50d3d4878fa901bde40791bd9f6b11498f1acfed798bdd889817dc58baeec1985ad67b82326b48428f08b40730f301d2383df5a8700cf89bd31c01c0f
 SHA512 
2e6c1e94866750835d843b4f4ea77148e467dfbee3a15e20bd7c9086c11ad9919f0ddc6097c40cacfcdbc2ceacf2f6fb1b7e8546a7fcb9f20d0e5bf84283d724
+DIST roundcubemail-1.3.8-complete.tar.gz 5534385 BLAKE2B 
2f0cb528d0901d267c74d57baa18d1f057fdd2eb0f872f3cef1053847861998f8c6551fc17506ae365086ed1f86c3ee9e73a96adb2e43c6c32025e7afaf63710
 SHA512 
34dc9205cd93be6d6551086f4d22654dad7213b4b09000dc4def08357acdc634744ce1f560144a3d3b46e936258e90482e77fc4c691a55c205bcfdfe3745441e

diff --git a/mail-client/roundcube/roundcube-1.3.8.ebuild 
b/mail-client/roundcube/roundcube-1.3.8.ebuild
new file mode 100644
index 00000000000..0fe303dc98b
--- /dev/null
+++ b/mail-client/roundcube/roundcube-1.3.8.ebuild
@@ -0,0 +1,96 @@
+# Copyright 1999-2018 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit webapp
+
+MY_PN=${PN}mail
+MY_P=${MY_PN}-${PV}
+
+DESCRIPTION="A browser-based multilingual IMAP client with an application-like 
user interface"
+HOMEPAGE="https://roundcube.net";
+SRC_URI="https://github.com/${PN}/${MY_PN}/releases/download/${PV}/${MY_P}-complete.tar.gz";
+
+# roundcube is GPL-licensed, the rest of the licenses here are
+# for bundled PEAR components, googiespell and utf8.class.php
+LICENSE="GPL-3 BSD PHP-2.02 PHP-3 MIT public-domain"
+KEYWORDS="~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86"
+
+IUSE="change-password enigma ldap managesieve mysql postgres sqlite ssl spell"
+REQUIRED_USE="|| ( mysql postgres sqlite )"
+
+# this function only sets DEPEND so we need to include that in RDEPEND
+need_httpd_cgi
+
+# :TODO: Support "endriod/qrcode: ~1.6.5" dep (ebuild needed)
+RDEPEND="
+       ${DEPEND}
+       
>=dev-lang/php-5.4.0[filter,gd,iconv,json,ldap?,pdo,postgres?,session,sqlite?,ssl?,unicode,xml]
+       >=dev-php/PEAR-Auth_SASL-1.1.0
+       >=dev-php/PEAR-Mail_Mime-1.10.0
+       >=dev-php/PEAR-Mail_mimeDecode-1.5.5
+       >=dev-php/PEAR-Net_IDNA2-0.2.0
+       >=dev-php/PEAR-Net_SMTP-1.7.1
+       virtual/httpd-php
+       change-password? (
+               >=dev-php/PEAR-Net_Socket-1.2.1
+               dev-lang/php[sockets]
+       )
+       enigma? (
+               >=dev-php/PEAR-Crypt_GPG-1.6.0
+               app-crypt/gnupg
+       )
+       ldap? (
+               >=dev-php/PEAR-Net_LDAP2-2.2.0
+               dev-php/PEAR-Net_LDAP3
+       )
+       managesieve? ( >=dev-php/PEAR-Net_Sieve-1.4.0 )
+       mysql? (
+               || (
+                       dev-lang/php[mysql]
+                       dev-lang/php[mysqli]
+               )
+       )
+       spell? ( dev-lang/php[curl,spell] )
+"
+
+S="${WORKDIR}/${MY_P}"
+
+src_prepare() {
+       default
+
+       # Redundant. (Bug #644896)
+       rm -r vendor/pear || die
+       # Remove references to PEAR. (Bug #650910)
+       cp "${FILESDIR}"/roundcube-1.3.7-pear-removed-installed.json \
+          vendor/composer/installed.json \
+          || die
+}
+
+src_install() {
+       webapp_src_preinst
+
+       dodoc CHANGELOG INSTALL README.md UPGRADING
+
+       insinto "${MY_HTDOCSDIR}"
+       doins -r [[:lower:]]* SQL
+       doins .htaccess
+
+       webapp_serverowned "${MY_HTDOCSDIR}"/logs
+       webapp_serverowned "${MY_HTDOCSDIR}"/temp
+
+       webapp_configfile "${MY_HTDOCSDIR}"/config/defaults.inc.php
+       webapp_postupgrade_txt en "${FILESDIR}/POST-UPGRADE.txt"
+
+       webapp_src_install
+}
+
+pkg_postinst() {
+       webapp_pkg_postinst
+
+       if [[ -n ${REPLACING_VERSIONS} ]]; then
+               elog "You can review the post-upgrade instructions at:"
+               elog 
"${EROOT%/}/usr/share/webapps/${PN}/${PV}/postupgrade-en.txt"
+       fi
+}

Reply via email to