SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for eGroupware-phpbrain-1.6.003-18.1.noarch.rpm :
Tue Mar 23 13:00:00 2010 Ralf Becker
- version 1.6.003-2
- just fixing some anoying bugs, which sliped into 1.6.003

Tue Mar 9 13:00:00 2010 Lars Volker
- version 1.6.003
- eGroupware 1.6.003 security and bugfix release
- fixes 2 security problems:
- one is a serious remote command execution (allowing to run arbitrary
commands on the web server by simply issuing a HTTP request!)
- the other a reflected cross-site scripting (XSS)
Both require NO valid EGroupware account and work without being logged in!
- SyncML 1.2 support and many SyncML bug fixes
- many bugfixes since 1.6.002 release

Mon Jul 20 14:00:00 2009 Ralf Becker
- version 1.6.002
- eGroupware 1.6.002 security and bugfix release
- fixes 3 security problems:
+ FCKeditor (remote file upload)
+ tracker (XSS problem)
+ knowledgebase (SQL injection)
- added HTML Purifier as preventive measure for FCKeditor content
- tons of bugfixes since initial 1.6.001 release

Fri Mar 13 13:00:00 2009 Peter Eisentraut
- version 1.6.001+dfsg-2
- Upload to unstable
[ Jan Wagner ]
- add egroupware-notifications package, cause the application was missing
and it\'s needed by calendar application
- depend egroupware-calendar on egroupware-notifications
[ Peter Eisentraut ]
- Depend egroupware-tracker on egroupware-notifications
- Add newline after egw:Modules substitution variable; fixes FTBFS
(This is caused by a change in debhelper 7.1.0.)
- Added ${misc:Depends} to all Depends lines, per lintian

Sat Dec 6 13:00:00 2008 Peter Eisentraut
- version 1.6.001+dfsg-1
- New upstream release
- Updated copyright notices
- Added php5-cli dependency to filemanager application, per lintian

Tue Nov 18 13:00:00 2008 Peter Eisentraut
- version 1.6~rc5-2+dfsg-1
- New upstream release candidate

Sat Nov 15 13:00:00 2008 Peter Eisentraut
- version 1.6~rc4+dfsg-1
- New upstream release candidate
- mydms application removed
- Changed watch file temporarily for RC versions

Wed Oct 1 14:00:00 2008 Peter Eisentraut
- version 1.4.004-2.dfsg-4
- Debconf translation updates

Fri Sep 12 14:00:00 2008 Peter Eisentraut
- version 1.4.004-2.dfsg-3
- Debconf translation updates

Mon Jul 14 14:00:00 2008 Peter Eisentraut
- version 1.4.004-2.dfsg-2
- Debconf translation updates
- Renamed README.maintainer to now standardized name README.source
- Updated standards version
- Reference .../doc/egroupware-core/README.Debian.gz with gz suffix
- Removed obsolete lintian overrides
- Simplified setup code, obsoleting 06-egw-header-template.dpatch
- Removed obsolete 08-egw-checkinstall-symlink.dpatch and all of dpatch
- Replaced gawk by perl in debian/rules, simplified code a bit

Fri May 9 14:00:00 2008 Peter Eisentraut
- version 1.4.004-2.dfsg-1
- New upstream release
- Obsoletes 01-kses-security.dpatch
- Added Vcs-
* control fields for move to collab-maint
- Made egw-sanitize-tarball compatible with uscan and updated watch file to
use it
- Debconf translation updates

Sat Mar 22 13:00:00 2008 Nico Golde
- version 1.4.002.dfsg-2.1
- Non-maintainer upload by the Security Team.
- Fix multiple security issues in kses _bad_protocol_once function. Details
are under embargo for now (01-kses-security.dpatch; Closes: #471839).

Sat Mar 1 13:00:00 2008 Peter Eisentraut
- version 1.4.002.dfsg-2
- Upload to unstable
- Updated standards version
- Converted copyright files to UTF-8
- Added information in egroupware-addressbook/NEWS.Debian about upgrading an
LDAP-based addressbook
- Switched back to integrated version of ttf-bitstream-vera, because the
package has been removed
- Debconf templates and package description review
- Debconf translation updates (closes: #465063, #465133, #465799, #467163,
[#467173], #467479, #467497, #467536, #468479)
- Added Homepage control field

Thu Oct 4 14:00:00 2007 Peter Eisentraut
- version 1.4.002.dfsg-1
- New upstream release
- Fixes mishandling of empty web server docroot
- Includes fix for cross-site-scripting security problem
(CVE-2007-5091)
- Removed obsolete LDAP setup instructions from egroupware-core\'s
README.Debian

Mon Jul 9 14:00:00 2007 Peter Eisentraut
- version 1.4.001.dfsg-2
- Removed support for Apache 1 and PHP 4
- Replaced ${Source-Version} by ${binary:Version}
- Fixed bugs in translations of debconf templates
- Reenabled outdated translations pt_BR and vi, because the really
outdated parts are now obsolete

Fri Jun 15 14:00:00 2007 Peter Eisentraut
- version 1.4.001.dfsg-1
- New upstream release
- Removed egroupware-ldap package
- Some installation cleanup

Tue May 29 14:00:00 2007 Peter Eisentraut
- version 1.3.023.dfsg-1
- New upstream release
- workflow application removed
- Obsoletes patch 04-egw-ldap-doc
- Added tracker application
- Updated Apache configuration with upstream recommendations
- Fixed ttf-bitstream-vera handling
- Disabled compression of
*.php files installed as documentation
- Some installation cleanup

Mon May 21 14:00:00 2007 Peter Eisentraut
- version 1.3.022.dfsg-1
- New upstream release
- Updated egw-sanitize-tarball script to exclude debian/ directory
maintained by upstream

Fri May 11 14:00:00 2007 Peter Eisentraut
- version 1.2.106-2.dfsg-3
- New Galician translation of debconf templates by Jacobo Tarrio
- Only change permissions on /var/lib/egroupware/ during initial
installation, in case someone wants a different setup

Fri Feb 9 13:00:00 2007 Peter Eisentraut
- version 1.2.106-2.dfsg-2
- Fixed watch file to ignore beta versions
- New Portuguese translation of debconf templates by Carlos Lisboa

Mon Jan 8 13:00:00 2007 Peter Eisentraut
- version 1.2.106-2.dfsg-1
- New upstream release

Tue Jan 2 13:00:00 2007 Peter Eisentraut
- version 1.2-106.dfsg-1
- New upstream release
- Enabled installation with php5 >=5.2
- Set php_flag display_errors to off to work around php5 bug
- New Spanish translation of debconf templates by César Gómez Martín
- Added PEAR path to open_basedir

Sat Dec 2 13:00:00 2006 Peter Eisentraut
- version 1.2-105.dfsg-4
- Disabled installation with php5 >=5.2
- Changed some php_{flag|value} directives to php_admin_{flag|value}
as required
- Disabled outdated translations pt_BR and vi

Sat Nov 4 13:00:00 2006 Peter Eisentraut
- version 1.2-105.dfsg-3
- Placed php5 dependencies before php4 alternatives
- Raised php4 dependency to 4.3

Fri Oct 13 14:00:00 2006 Peter Eisentraut
- version 1.2-105.dfsg-2
- New French translation of debconf templates by \"Steve\"
- New Japanese translation of debconf templates by Hideki Yamane

Sun Sep 24 14:00:00 2006 Peter Eisentraut
- version 1.2-105.dfsg-1
- New upstream release
- New Czech translation of debconf templates by Miroslav Kure

Mon Sep 18 14:00:00 2006 Peter Eisentraut
- version 1.2-104.dfsg-3
- New Dutch translation of debconf templates by Kurt De Bree
- Added missing build dependency po-debconf
- Added note about tcpip_socket not enabled by default for PostgreSQL
7.4
- Set all of /var/lib/egroupware/ owned by www-data:www-data
- Handle purging egroupware-core when debconf is not installed

Mon Aug 28 14:00:00 2006 Peter Eisentraut
- version 1.2-104.dfsg-2
- Enhanced watch file
- Enable mod_actions for Apache 2
- Removed recommendations of php5-mcal and php5-xslt, which don\'t exist
- Altered Debconf templates to fit recommendations in Developer\'s
Reference
- Code clean-up in maintainer scripts
- Updated setup instructions for new PostgreSQL packaging scheme
- Simplified documentation for LDAP setup
- Added php{4,5}-odbc as dependency alternative
- Updated for new fpdf path

Fri Jul 28 14:00:00 2006 Peter Eisentraut
- version 1.2-104.dfsg-1
- New upstream release
- Dropped 05-egw-projects-jpgraph-path patch because upstream clearly
believes this feature is relevant
- New stuff relative to previous unstable version ...
- New applications: mydms, projectmanager, resources, sambaadmin,
timesheet, workflow
- Dropped applications: backup, comic, email, forum, ftp, fudforum,
headlines, jinn, messenger, phpldapadmin, projects, stocks, tts
- MySQL 5 support
- XMLRPC variable names fixed
- Added PHP5 dependencies as alternatives
- Language installation more robust
- IPv6 support (#330873)
- Calendar support for all-day events
- Fixed spelling mistake in package description
- New Dutch translation of debconf templates by Kurt De Bree

Mon Jun 12 14:00:00 2006 Peter Eisentraut
- version 1.2-102.dfsg-2
- New upstream release
- Fixed php[45]-gd dependency

Wed May 31 14:00:00 2006 Peter Eisentraut
- version 1.2-2.dfsg-1
- New upstream release
- Added PHP5 dependencies as alternatives
- Added Subversion support to egw-sanitize-tarball
- Changed to Debhelper level 5
- Sorted out Build-Depends vs. Build-Depends-Indep
- Changes to default Apache configuration by Lars Kneschke:
- Added /usr/share/php to include_path
- Improved ical handling
- Improved rpc handling

Thu Apr 20 14:00:00 2006 Peter Eisentraut
- version 1.2-1.dfsg-1
- New upstream release
- New applications: mydms, projectmanager, resources, sambaadmin,
timesheet, workflow
- Dropped applications: backup, comic, email, forum, ftp, fudforum,
headlines, jinn, messenger, phpldapadmin, projects, stocks, tts
- Most patches obsoleted
- Calculate dependencies of meta package automatically

Mon Nov 28 13:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-3-4
- Fixed fudforum arbitrary code execution security problem (CVE-2005-2781)
- Fixed watch file to exclude RC versions

Mon Nov 14 13:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-3-3
- Corrected fudforum fix
- Fixed cross-site-scripting [phpsysinfo/includes/system_footer.php,
phpsysinfo/includes/system_header.php,
debian/patches/22-egw-CVE-2005-0870-xss.dpatch]
- Backported parts of changes by Christopher Kunz to fix arbitrary file
inclusion [phpsysinfo/index.php,
debian/patches/23-egw-CVE-2005-3347-file.dpatch]
- Initialise charset variable to fix cross-site scripting
[phpsysinfo/index.php, debian/patches/24-egw-CVE-2005-3348-xss.dpatch]

Tue Nov 1 13:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-3-2
- Fixed fudforum cross-site scripting security problem (CAN-2005-2600)
- New Swedish translation of debconf templates by Daniel Nylander

Mon Sep 26 14:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-3-1
(The actual upstream release name is \"1.0.0.009-3\".)
- New upstream release
- Obsoletes patch 10-egw-xmlrpc-fix-fix

Mon Sep 5 14:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-2
- Added upstream\'s fix for the previous fix

Thu Sep 1 14:00:00 2005 Peter Eisentraut
- version 1.0.0.009.dfsg-1
- New upstream release
- Includes fix for (another) XML-RPC remote execution security problem
(CAN-2005-2498)

Fri Jul 29 14:00:00 2005 Peter Eisentraut
- version 1.0.0.008-2.dfsg-1
- New upstream release
- New Czech translation of debconf templates by Miroslav Kure
- Improved version recognition in watch file

Sat Jul 9 14:00:00 2005 Peter Eisentraut
- version 1.0.0.008-1.dfsg-1
- New upstream release
- Contains better fix for XML-RPC security problem (bug #317263)
- Obsoletes patches 09-egw-calendar-konqueror, 10-egw-pam-auth

Thu Jul 7 14:00:00 2005 Peter Eisentraut
- version 1.0.0.007-3.dfsg-1
- New upstream release
- Includes fix for XML-RPC remote execution security problem
(CAN-2005-1921)
- Updated standards version

Sat Jun 11 14:00:00 2005 Peter Eisentraut
- version 1.0.0.007-2.dfsg-4
- New Vietnamese translation of debconf templates by Clytie Siddall
- Changed maintainer address

Tue May 24 14:00:00 2005 Peter Eisentraut
- version 1.0.0.007-2.dfsg-3
- Fixed PAM authentication

Thu May 12 14:00:00 2005 Peter Eisentraut
- version 1.0.0.007-2.dfsg-2
- Fixed calendar month display in Konqueror

Thu Apr 21 14:00:00 2005 Peter Eisentraut
- version 1.0.0.007-2.dfsg-1
- New upstream version
- fixes several security problems
- fixes SQL error in calendar matrix view
- skel application removed
- Added php4-cli to dependencies of -fudforum
- Made Apache 2 the preferred web server alternative in dependencies and
debconf question, adjusted debconf translations manually
- Added setup instructions for MySQL (thanks to Christian Motschke)

Mon Nov 8 13:00:00 2004 Peter Eisentraut
- version 1.0.00.006-1.dfsg-1
- New upstream version
- Adjusted patch egw-projects-jpgraph-path for upstream changes
- Removed patch egw-admin-save-email, obsoleted by upstream changes
- Added patch to ignore dangling symlinks in check_install.php;
phpldapadmin/config.php is initially a dangling symlink, so we don\'t
want to complain about that.
- Added perl to dependencies of -core (needed for postinst)

Mon Nov 1 13:00:00 2004 Peter Eisentraut
- version 1.0.00.005-1.dfsg-3
- Converted dpatch to use /usr/share/dpatch/dpatch-run
- No longer set php_flag display_errors off; this should be chosen by
the system administrator or the user.
- -calendar depends on -infolog
- New Japanese translation of debconf templates by Hideki Yamane
- Added patch to save email addresses when creating new users

Sat Sep 25 14:00:00 2004 Peter Eisentraut
- version 1.0.00.005-1.dfsg-2
- Removed PHP conditionals in apache.conf; besides having been
relatively useless, this also gets Apache 2 working.
- Symlinked to ttf-bitstream-vera instead of installing our own copy
- Symlinked to fpdf instead of installing our own copy (except
fpdf.php, which is patched by egroupware)

Sat Sep 11 14:00:00 2004 Peter Eisentraut
- version 1.0.00.005-1.dfsg-1
- New upstream version
- Added \".dfsg\" to version name to make explicit that this is not the
original upstream tarball
- egroupware-infolog.remove now obsolete
- Removed new .htaccess file from installation
- Adjusted patch egw-ldap-doc for upstream changes
- Adjusted patch egw-projects-var-www for upstream changes and renamed
to egw-projects-jpgraph-path
- Added suggestions of php4-imap and php4-auth-pam to -core package
- Removed dependencies on php4-gd2 (see bug #261186)

Sat Sep 4 14:00:00 2004 Peter Eisentraut
- version 1.0.00.004-2+cvs20040825-2
- Added sitemgr-link symlink into the -sitemgr package
- New Brazilian Portuguese translation of debconf templates by
André Luís Lopes
- Removed some obsolete files from -filemanager package
- phpldapadmin was by fault in debian/rules filtered from the list of
modules, so it did not get any files installed at all; fixed
- Added symlinks and instructions for setting up a phpldapadmin
configuration file
- Converted the executable dpatch 00template, which doesn\'t work, to
the nonexecutable variant

Thu Aug 26 14:00:00 2004 Peter Eisentraut
- version 1.0.00.004-2+cvs20040825-1
- New upstream release plus additional fixes (check out from CVS using
-r Version-1_0_0-branch -D \'2004-08-25 00:00:00 UTC\')
- Updated egw-ldap-doc patch for new translations
- Sorted out the web server and PHP dependencies:
- Support only Apache variants and PHP as module
- New Apache 2 support (experimental)
- Changed dependency on php4-cgi to php4-cli
- Use invoke-rc.d in maintainer scripts
- Ignore web server reload failures
- New French (fr) translation of debconf templates by Florent Usseil
- Added more dependencies on PHP modules in the applications
- Force PHP mbstring overloading to be on
- Remove executable permission from installed PHP files

Tue Aug 17 14:00:00 2004 Peter Eisentraut
- version 1.0.00.003-2-1
- New upstream release (first stable upstream release, so it can go
into Debian unstable now)
- Patches now handled by dpatch
- More detailed copyright information added
- More careful selection of installed files
- More nonfree files removed from source package
- Dependencies revised
- debian/rules simplified
- Configuration adjusted for new upstream version, web server
selection changed in preparation for more supported servers

Fri Jun 11 14:00:00 2004 Peter Eisentraut
- version 0.9.99.015-1-1
- Initial release
- Removed calendar/doc/rfc2445.txt, because it is not free.
- Changed fudforum setup to work better in Debian directory structure.


  
ICM