php-horde (5.2.20+debian0-1+deb10u2) buster; urgency=medium * CVE-2020-8035: Don't allow to view images inline if opened directly. * debian/patches/0001-Fix-rewrite-base.patch: Trivial rebase. -- Mike Gabriel Sun, 31 May 2020 21:45:26 +0200 php-horde (5.2.20+debian0-1+deb10u1) buster; urgency=high * Fix CVE-2019-12095: Stored XSS vuln in the Horde Cloud Block. -- Roberto C. Sanchez Fri, 13 Dec 2019 21:13:53 -0500 php-horde (5.2.20+debian0-1) unstable; urgency=medium * New upstream version 5.2.20+debian0 - Update patch - Remove patch for CVE-2017-16907, merged -- Mathieu Parent Thu, 25 Oct 2018 21:08:21 +0200 php-horde (5.2.18+debian0-1) unstable; urgency=medium * New upstream version 5.2.18+debian0 - Update patch * Fix CVE-2017-16907 XSS via Color field (Closes: #909739) -- Mathieu Parent Sun, 07 Oct 2018 22:55:19 +0200 php-horde (5.2.17+debian0-3) unstable; urgency=medium * Update Standards-Version to 4.1.4, no change * Update Maintainer field -- Mathieu Parent Tue, 15 May 2018 15:21:43 +0200 php-horde (5.2.17+debian0-2) unstable; urgency=medium * Update Standards-Version to 4.1.3, no change * Upgrade debhelper to compat 11 * Update Vcs-* fields * Use secure copyright format URI * Replace "Priority: extra" by "Priority: optional" -- Mathieu Parent Thu, 05 Apr 2018 22:23:17 +0200 php-horde (5.2.17+debian0-1) unstable; urgency=medium * New upstream version 5.2.17+debian0 -- Mathieu Parent Wed, 27 Sep 2017 20:08:11 +0200 php-horde (5.2.16+debian0-1) unstable; urgency=medium * New upstream version 5.2.16+debian0 * Update patch -- Mathieu Parent Tue, 01 Aug 2017 22:25:55 +0200 php-horde (5.2.15+debian0-1) unstable; urgency=medium * New upstream version 5.2.15+debian0 * Update patch -- Mathieu Parent Sat, 01 Jul 2017 22:05:23 +0200 php-horde (5.2.13+debian0-1) unstable; urgency=medium * New upstream version 5.2.13+debian0 * Update patch -- Mathieu Parent Sun, 18 Dec 2016 22:01:07 +0100 php-horde (5.2.12+debian0-2) unstable; urgency=medium * Replace dpkg-maintscript-helper usage by debian/maintscript and thus remove preinst without #! (Closes: #843289). Also, we ensure that mv_conffile is run before apache snipset. -- Mathieu Parent Sat, 05 Nov 2016 20:32:46 +0100 php-horde (5.2.12+debian0-1) unstable; urgency=high * New upstream version 5.2.12+debian0 + SECURITY: Add CSRF protection tokens to portal layout forms. Closes: #837151 and urgency set to high. * Update patch -- Mathieu Parent Fri, 09 Sep 2016 15:16:20 +0200 php-horde (5.2.11+debian0-1) unstable; urgency=medium * New upstream version 5.2.11+debian0 * Update patch -- Mathieu Parent Sat, 02 Jul 2016 21:55:21 +0200 php-horde (5.2.10+debian0-2) unstable; urgency=medium * Depends on php * Update Standards-Version to 3.9.8, no change * Updated d/watch to use https -- Mathieu Parent Wed, 08 Jun 2016 20:44:45 +0200 php-horde (5.2.10+debian0-1) unstable; urgency=medium * New upstream version 5.2.10+debian0 * Update patch -- Mathieu Parent Sat, 26 Mar 2016 13:31:58 +0100 php-horde (5.2.9+debian0-2) unstable; urgency=medium * Add missing AllowOverride AuthConfig (Closes: #813712). Thanks to Ivan Sergio Borgonovo. * Update Standards-Version to 3.9.7, no change * Use secure Vcs-* fields * Rebuild with newer pkg-php-tools for the PHP 7 transition -- Mathieu Parent Sun, 13 Mar 2016 19:01:14 +0100 php-horde (5.2.9+debian0-1) unstable; urgency=medium * New upstream version 5.2.9+debian0 - Fixes XSS vulnerability in menu bar (Closes: #813573) * Update patch -- Mathieu Parent Wed, 03 Feb 2016 23:40:14 +0100 php-horde (5.2.8+debian0-1) unstable; urgency=medium * Upgaded to debhelper compat 9 * gbp.conf renamed git-import-orig section to import-orig * d/copyright improvements, including: - Fixed several wildcard-matches-nothing-in-dep5-copyright - OpenLayers.js moved to Horde_Core - js/map/* moved to Horde_Core - keynavlist.js and inplaceeditor.js moved to Horde_Core - old theme hordevetica has been removed - imple.php has been removed * New upstream version 5.2.8+debian0 * Update patch -- Mathieu Parent Sat, 24 Oct 2015 07:01:44 +0200 php-horde (5.2.7+debian0-1) unstable; urgency=medium * New upstream version 5.2.7+debian0 * Update patch * Update gbp.conf -- Mathieu Parent Mon, 17 Aug 2015 09:00:59 +0200 php-horde (5.2.6+debian0-1) unstable; urgency=medium * New upstream version 5.2.6+debian0 * Update patches -- Mathieu Parent Thu, 18 Jun 2015 16:48:04 +0200 php-horde (5.2.5+debian0-1) unstable; urgency=medium * Update Standards-Version to 3.9.6, no change * New upstream version 5.2.5+debian0 * Update patches -- Mathieu Parent Tue, 05 May 2015 08:19:18 +0200 php-horde (5.2.1+debian0-2) unstable; urgency=medium * Update Standards-Version, no change * Update Vcs-Browser to use cgit instead of gitweb -- Mathieu Parent Wed, 27 Aug 2014 07:28:19 +0200 php-horde (5.2.1+debian0-1) unstable; urgency=medium * New upstream version 5.2.1 * Update patches -- Mathieu Parent Tue, 05 Aug 2014 11:53:04 +0200 php-horde (5.2.0+debian0-1) unstable; urgency=medium * New upstream version 5.2.0 * Update patches -- Mathieu Parent Tue, 15 Jul 2014 23:26:37 +0200 php-horde (5.2.0~beta2+debian0-1) unstable; urgency=medium * New upstream version 5.2.0~beta2+debian0 * Update patches -- Mathieu Parent Mon, 09 Jun 2014 10:22:52 +0200 php-horde (5.1.6+debian0-1) unstable; urgency=medium * New upstream version 5.1.6 * Update patches * Upstream has now removed .php suffix of files in /usr/bin * Upstream now use #!/usr/bin/env php in all scripts -- Mathieu Parent Sat, 08 Mar 2014 09:45:13 +0100 php-horde (5.1.5+debian1-1) unstable; urgency=low * Remove compiled Silverlight file (Closes: #734210) -- Mathieu Parent Sun, 05 Jan 2014 11:28:29 +0100 php-horde (5.1.5+debian0-1) unstable; urgency=low * New upstream version 5.1.5+debian0 - Fixes the grep path (Closes: #722960) - CVE-2013-6365 (Closes: #730110) * Remove ".php" extension from two files in $PATH * Fix php path in those two same files * Rename old README.Debian to NEWS which is more correct * Add a quick start guide in README.Debian * Provide a horde-writable-config to ease initial configuration (Closes: #726187) * Add ActiveSync URLs -- Mathieu Parent Sat, 30 Nov 2013 19:51:45 +0100 php-horde (5.1.4+debian0-1) unstable; urgency=low * New upstream version 5.1.4+debian0 * Fix postinst (Closes: #711591) * Fix Apache rewrite base (Closes: #721119) * Remove patch for missing horde-queue-run-task in package.xml: Fixed upstream. -- Mathieu Parent Tue, 17 Sep 2013 22:51:26 +0200 php-horde (5.1.2+debian0-1) unstable; urgency=low * New upstream version 5.1.2+debian0 * Add missing install line for horde-queue-run-task * d/postinst, d/postrm: - Add "set -e" to maintscripts - Update to latest spec from https://wiki.debian.org/Apache/PackagingFor24 - Invert the link test (Closes: #720139, #711591) -- Mathieu Parent Wed, 21 Aug 2013 20:23:38 +0200 php-horde (5.1.1+debian0-1) unstable; urgency=low * New upstream version 5.1.1+debian0 -- Mathieu Parent Mon, 24 Jun 2013 11:10:39 +0200 php-horde (5.1.0+debian0-2) unstable; urgency=low * Recommends "apache2 | httpd" * Use override_dh_link instead of dh deprecated --until/--after -- Mathieu Parent Mon, 17 Jun 2013 21:51:01 +0200 php-horde (5.1.0+debian0-1) unstable; urgency=low * New upstream version 5.1.0, repacked * Use pristine-tar (with filtering) * Silence check_compiled_flash_files * Apache2.4 transition: - rename /etc/apache2/conf.d/horde.conf to /etc/apache2/mod-available/php-horde.conf - handle the move on preinst,postinst, postrm - keep backward compatibility -- Mathieu Parent Thu, 06 Jun 2013 20:15:45 +0200 php-horde (5.0.4+debian0-1) unstable; urgency=low * New upstream version 5.0.4 -- Mathieu Parent Sun, 07 Apr 2013 16:23:05 +0200 php-horde (5.0.3+debian0-1) unstable; urgency=low * New upstream version 5.0.3 -- Mathieu Parent Thu, 10 Jan 2013 22:14:52 +0100 php-horde (5.0.2+debian0-3) unstable; urgency=low * Add a description of Horde in long description * Updated Standards-Version to 3.9.4, no changes * Replace horde4 by PEAR in git reporitory path * Fix Horde Homepage * Remove debian/pearrc, not needed with latest php-horde-role -- Mathieu Parent Wed, 09 Jan 2013 20:54:44 +0100 php-horde (5.0.2+debian0-2) unstable; urgency=low * Simple apache config * Depends on php-horde-role (>=1.0.1-2~) to ensure horde_dir is set * Move static directory (actually dynamic) to /var/cache/horde/static -- Mathieu Parent Mon, 10 Dec 2012 13:39:11 +0100 php-horde (5.0.2+debian0-1) unstable; urgency=low * horde package * Initial packaging (Closes: #657374) * Copyright file by Soren Stoutner and Jay Barksdale * Build-depends on php-horde-role * embedded plupload compiled Flash files - Repack to remove binary flash file "plupload.flash.swf" - Add a check at build time - Mention it in README.Debian -- Mathieu Parent Sat, 08 Dec 2012 19:20:23 +0100