roundcube (1.4.10+dfsg.2-1) unstable; urgency=low

    It is recommended to use /var/lib/roundcube/public_html as document
    root (or alias target) in the HTTPd configuration.  Doing so will
    automatically keep sensitive files such as logs and configuration
    out of reach for HTTP requests.  (The provided .htaccess file
    protects these already, but since Apache 2.4 .htaccess support is
    disabled by default and not all HTTPd support these.)

    In addition, Javascript and CSS files are now provided gzipped
    alongside the non-compressed versions.  Compatible HTTPds can be
    configured to send these files as is in order to avoid on-the-fly
    compression overhead.

 -- Guilhem Moulin <guilhem@debian.org>  Fri, 15 Jan 2021 23:55:02 +0100

roundcube (1.1.1+dfsg.1-1) experimental; urgency=medium

    Roundcube changes it configuration schema.
    The old main.inc.php and db.inc.php are merged into config.inc.php by the
    deb update process. There is a migration script, that should transform the
    files automatically, also if there are changes made in the files.
    The old configuration files are left in place, they can removed afterwards.

    If you want to start the migration step on you own:
    DEBIAN_PKG=TRUE RCUBE_CONFIG_PATH=/etc/roundcube /usr/bin/php \
        /usr/share/roundcube/bin/update.sh --version=0.9.5 --accept=true

 -- Sandro Knauß <bugs@sandroknauss.de>  Thu, 08 May 2014 08:40:00 +0200

roundcube (0.7.2-7) unstable; urgency=low

    Roundcube SQLite support is limited to SQLite 2.x. No support for
    SQLite 3.x currently exists. Unfortunately, SQLite 2.x is unmaintained
    for several years and therefore has been dropped from php5
    package.

    You need to select another database to continue to use
    Roundcube. Unfortunately, there is currently no migration script
    available. You have to start from an empty database and migrate
    data yourself if you want to keep your settings. You can find some
    directions here:
     http://wiki.debian.org/Roundcube/DeprecationOfSQLitev2

    Once the migration is done, you can remove roundcube-sqlite
    package.

 -- Vincent Bernat <bernat@debian.org>  Sat, 02 Mar 2013 22:20:17 +0100

roundcube (0.3.1-2) unstable; urgency=low

    Starting from Roundcube 0.3, an incompatibility with Suhosin session
    encryption is present. This can be resolved by tuning php.ini for
    Roundcube with the "suhosin.session.encrypt" set to "Off".

    We ship a .htaccess in /var/lib/roundcube to disable this
    option. However, this only works with a webserver like Apache with
    mod_php. If you are using a webserver with PHP configured as a
    *CGI process, you need to tune the php.ini for this process:
    either turn of globally Suhosin session encryption in
    /etc/php5/conf.d/suhosin or you can provide your own php.ini to
    php5-cgi with "-c" option.

 -- Vincent Bernat <bernat@debian.org>  Mon, 02 Nov 2009 19:48:22 +0100