lp:ubuntu/jaunty-updates/horde3
- Get this branch:
- bzr branch lp:ubuntu/jaunty-updates/horde3
Branch merges
Branch information
Recent revisions
- 15. By Gregory Colpart <email address hidden>
-
* Add informations in README.Debian about test.php files: these files should
not be "allow from all", because test.php includes private informations and
could be unsafe (for example see CVE-2008-4182).
* Include a patch from Horde upstream to fix an IE-only hole in XSS filter
(See CVE-2008-5917 for more information). (Closes: #512592)
* Include patches from Horde upstream to fix a file inclusion issue in
Horde_Image driver name (Image/Image.php) and an unescaped output in
the tag cloud block (services/portal/ cloud_search. php). (Closes: #513265) - 14. By Gregory Colpart <email address hidden>
-
* New upstream release.
* This version is mainly for fixing two security bugs: unescaped output in
the MIME library and improve the XSS filter for HTML (See CVE-2008-3823 for
more information). (Closes: #499579)
* Add changelog entry with CVE ID in changelog for 3.2.1+debian0-1.
* Fix misspelling in Recommends: field. (Closes: #499001)
* Improve upgrade path Etch->Lenny with forcing to show diff of
/etc/horde/horde3/ registry. php because all horde components are now
inactive by default. (Closes: #493885)
* Change Gregory Colpart's email address in debian/control file. - 13. By Gregory Colpart (evolix)
-
* New upstream release.
* This new version has major changes compared to the previous version: an
alarm system that can send email, generate inline notifications, and play
sounds for events in any Horde application; support for read and write
databases; operation when the database is down; many performance
improvements, several slick new themes; WCAG 1.0 Priority 2/Section 508
accessibility guidelines compliance; full Kolab webclient support; many
improvements in the JavaScript and user interface; a new tree view for
Help along with keyword search; support for memcache clustering; and many,
many bug fixes and small enhancements.
* With this new version: remove of backported patch for correcting invalid
entities in es_ES (#461400) and manual merge for
config/mime_drivers. php.dist and config.conf.xml for keeping Debian
specific patches.
* Thanks to Mathieu Parent <email address hidden> for his help/patches for
this package.
* Repack upstream source to remove fckeditor, tinymce and scriptaculous
(size of upstream source is now instead 7 Mo instead of 8 Mo).
* Added a check in debian/rules to make sure that those external libs are not
in the orig.tar.gz
* A lot of improvements in debian/copyright file.
* Some adjustements in debian/rules: remove exec rights for xml/png/gif/css/
js/jpg/html/htm files, no more need to remove empty directories and copy
CREDITS file.
* Link some *.js files with libjs-scriptaculous package.
* Link editors (tinymce and fckeditor) with tinymce2 and fckeditor packages.
* Add unrtf and libwpd-tools in "Suggests" field.
* Add patch to keep PAM authentication stays compatible with precedent
version (and with php5-auth-pam package). Add php5-auth-pam to Suggests:
field.
* Update to standards version 3.8.0, no further required changes. - 12. By Gregory Colpart (evolix)
-
* New upstream release.
* This new version has security fix: fix arbitrary file inclusion through
abuse of the theme preference (see CVE-2008-1284 for more informations).
(Closes: #470640)
* Fix typo in debian/rules comments.
* Add php-net-imap package in "Suggests" field. (Closes: #470283)
* Add libgeoip1 package in "Suggests" field. (Closes: #376935) - 11. By Gregory Colpart (evolix)
-
* New upstream release.
* This new version has security fixes : privilege escalation in the Horde
API and XSS vulnerabilities (see CVE-2007-6018 for more informations).
(Closes: #461131)
* This new version fixes also translation error in it_IT locale
(Closes: #459555)
* Import fix from Horde CVS to correct invalid entities in es_ES
translantion (thanks to Adrian Santos Marrero <email address hidden>)
(Closes: #461400)
* Update to standards version 3.7.3, no further required changes.
* Use now Vcs-* fields in debian/control.
* Remove empty directories which causes lintian warnings.
* Bump debhelper compat level to 5.
* Add Homepage field. - 10. By Gregory Colpart (evolix)
-
* New upstream release.
* Transition to PHP5 for Recommends and Suggests fields. (Closes: #432237)
* Remove old phpapi-* from Depends: (Closes: #420644)
* Clean Depends, Recommends and Suggests fields.
* Remove exec right for XML files in debian/rules.
* Add locales in Recommends.
* Disable upstream _detect_webroot() function (unsable in Debian).
* Fix XSS vulnerability. See CVE-2007-1473 for more information.
(Closes: #434045) - 9. By Ola Lundqvist
-
Changed webroot from /horde to /horde3, especially regarding cookie
handling, closes: #391493. - 8. By Ola Lundqvist
-
Correction for arbitrary file deletion vulnerability,
closes: #415116. Thanks to Paul TBBle Hampson <email address hidden>
for providing the patch.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/lucid/horde3