roundcubemail-1.3.15-lp152.4.3.1 4>$  Ap_h<踋/=„}dX.VdќAQKL5:rh;󄙝r9AY<{V*'P;^5g9dFpK7?7d # L  2MSZ7 4@ 4 Y, 4 q 4 d 4 ] 4 j 4 4ؚ 4 4FFGHI'III(I8I9J$:LX=V>^FfG| 4H7L 4Ih 4XtPYt\\t 4]\ 4^6}kbc~deflu4 4vw 4x 4y6z7777Y7d7|77777Croundcubemail1.3.15lp152.4.3.1A browser-based multilingual IMAP clientRoundcube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides MIME support, address book, folder manipulation, message searching and spell checking. Roundcube Webmail is written in PHP and requires a MySQL database. The user interface is skinnable using XHTML and CSS 2._h/dev/null done echo } sed -i "s/rcmail-\!24ByteDESkey\*Str/`makedesstr`/" /etc/roundcubemail/defaults.inc.php || : &> /dev/null # enable apache required apache modules if [ -x /usr/sbin/a2enmod ]; then a2enmod -q alias || a2enmod alias a2enmod -q rewrite || a2enmod rewrite a2enmod -q version || a2enmod version fi # restore backed up logs, temp and config if [ -h /srv/www/roundcubemail/logs ] && [ -d /srv/www/roundcubemail/migration/logs ]; then mkdir -p /srv/www/roundcubemail/migrated cp /srv/www/roundcubemail/migration/logs/* /srv/www/roundcubemail/logs/. mv /srv/www/roundcubemail/migration/logs /srv/www/roundcubemail/migrated/. fi if [ -h /srv/www/roundcubemail/temp ] && [ -d /srv/www/roundcubemail/migration/temp ]; then mkdir -p /srv/www/roundcubemail/migrated cp /srv/www/roundcubemail/migration/temp/* /srv/www/roundcubemail/temp/. mv /srv/www/roundcubemail/migration/temp /srv/www/roundcubemail/migrated/. fi if [ -h /srv/www/roundcubemail/SQL ] && [ -d /srv/www/roundcubemail/migration/SQL ]; then rm -r /srv/www/roundcubemail/migration/SQL fi for PLUGIN in acl managesieve password; do if [ -f /srv/www/roundcubemail/migration/$PLUGIN.inc.php ] && [ -h /srv/www/roundcubemail/plugins/$PLUGIN/config.inc.php ]; then cp /srv/www/roundcubemail/migration/$PLUGIN.inc.php /etc/roundcubemail/. mv /srv/www/roundcubemail/migration/$PLUGIN.inc.php /srv/www/roundcubemail/migrated/$PLUGIN.inc.php fi done for MIGDIR in migration migrated; do if [ -d /srv/www/roundcubemail/$MIGDIR ]; then find /srv/www/roundcubemail/$MIGDIR -empty -delete fi if [ -d /srv/www/roundcubemail/$MIGDIR ]; then echo "Found /srv/www/roundcubemail/$MIGDIR! Make sure you delete this folder after checking the migration!" fi done # update/make new config if [ ! -f /etc/roundcubemail/config.inc.php ]; then if [ -f /etc/roundcubemail/main.inc.php ] && [ -f /etc/roundcubemail/db.inc.php ]; then /srv/www/roundcubemail/bin/update.sh \ --version '?' \ --accept else cp /etc/roundcubemail/config.inc.php.sample /etc/roundcubemail/config.inc.php fi fi exit 0%sZ H0)O 98  P )P 2&IZ0}5N 7"+t?f`B|a} Tt TkJ 7,7ug) m)Gy mR <RpE .EZ   J &t<8B2u~y{w5<3Qxo*5^9hAc%R tp\s9K:<C4'^>-O j v| ^. D)2E/e3mB PQ1@?Sz(%!rU%\Gzm{&O3gQE[  _8}v '_PY9 [OK-r&mHiX6 %h3t  8: H  ua,io  "shWKdWJXRG\K Z'NUhG w _(M`XZ|.cWw"FFdONSMV|@Sk?VVd/ H~y i[J5mE7DAA9==55JDENE4Kx:6LA:L0EwFE7K5HKIB=hy2?7=HGKfH@Eb2HJA&8@/ (n -12  1az/'/ +hp,*9$ )U'PrOMI;-0u,[#j#j7a*Pjj6ukhf HDRyD:_AFH==|77LADF@>ES-M8 LOWHmYGJ8dILAWJnh`S;_<;=:TgKQgEGYzO= i]{rJVon^\KkgQRf]c~mNYZWfVn_]r\bv%eQ^i~Yb^TROXbhYlrj~AJE>WP F5'%lD ZIc$@qbds8?(&P i&{@_! &;v[ ~@(4#;5i M 4 6WT v f  ' Y*oy 4 1  B s  m' m yL;  k Z  `; v .   ? C#  5 g. [ Q    T  e    a{f@(@,   (   x_|hS_[aXeMP[HH]S`^bPdou[a]_Dlkv][gXfWmTrqDYbaKY\dkp\cQ_izKQ Ub9,P`I'ut"g|#;6,lG/+nF9!~Xzwso{q93OT2p*iwvWgJ/ifDQLC, d l)~qJ"r j3 UUlz a" 0-tVo7l:i?QX+5 h'O>W2eo`%*t)F$a''qVq;!q!s%&I%$W&'q&* $bNX#L-"$;Y$RTe0*+/$I#4'&|'A"j)[ #$oo[)*e3jg&%0,-Y+ o @ OlkbIKVTPRWACXRHQ^PIB x  R9(@AG(B%~]'@1 . %`$X$DDDL5 0+XX@3_2Uz+4=YZ.h=5h1[]/v?BWE 2tc>i3uR?z@w@jiF5|u+AV{IFR]YR-Zr<m*;6n2on2(v^@l.vO<;+=w?ps&;Am8Ep<M:$g13C'PHU.z}Ah29x@1o9;ASu0>r?XJnMjs>R&h<tG!;8\3B~CWVC ;`1-.TV,2"K4r>NH& y?2}M@{>Cn<@ XeUF 52~Cer={?BbxPgwX=_I-{w {?"2Q w?i5q8lf66Vv"~=e%^RVs0l x '/4B* z  Kh h " k1Z - yH ] #r(Dr- : L dI_aZM{!Op~Dl5 i Enb6a0diYb.c\RUj:2 7 {hE\+It_ j U 5Pf:|'" 5m=1 ;:9PJe? 9#?annb(Ymv iW + w%"9]M )rKGU{zPuh,44. 9kJ;`G# &&& &++++2222 6666====DDDDLLLLTTTT]]])]%eeeellllv,v$v=v2)$oe{v .(2'@=ZMjc~UUUU0(#aQvm) %<3    ++,+;|;e;;KnKWKK[[[[ XVXX vJ"&%"(>+z.2R59=AEfIN6RWN\ `ejp:ub{~ .  "$(*,.02468:<>@BDQSP  #  3K } T!g , O =0\o  K  G  q-#0&L%c 5Cu^,eQ:Tk[sx/$MG%P@rga!dT6rFr t~6kNRJ aO=L hsOH*_CP<# w)QlK$RjTe% }X jqAB|-8-8{\eYU%1+@f e[W :/"dMn I/SkYFk MK[X ` F%r9`_DZ6 3k& {N5"I5|dG1$ LN,c bES 0vH!(D3hyMA큤AA큤A큤A큤AAAA큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤AA큤AAA큤AA큤A큤A큤AAA큤A큤AA큤AA큤A큤AA큤A큤AAA큤A큤AA큤A큤A큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤AA큤A큤AA큤A큤AA큤AA큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤AA큤A큤A큤AA큤A큤AAA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤A큤A큤A큤A큤AAA큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤AA큤AA큤A큤A큤AA큤A큤AA큤AAA큤AAAA큤AAA큤A큤A큤A큤A큤A큤AA큤AAA큤A큤A큤AA큤AAA큤A큤A큤AA큤A큤A큤A큤AA큤A큤AA큤A큤A큤A큤AA큤AAA큤A큤A큤AA큤A큤A큤A큤AA큤AA_h<_h<_h<_1_h<_h<_h<_1_h<_1_h<_h<_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_1_h<_1_1_1_h<_1_1_1_1_1_1_1_1_1_h<_h<_h<_h<_h<_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_h<_1_1_h<_1_1_h<_1_1_1_1_h<_1_1_h<_1_h<_1_1_1_h<_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_h<_1_1_1_1_1_h<_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_1_1_h<_1_1_1_h<_1_1_h<_1_h<_1_1_1_1_1_1_h<_1_1_1_1_1_1_h<_h<_1_1_1_1_1_1_1_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_h<_1_1_1_1_1_1_1_h<_1_1_1_1_1_1_1_1_h<_1_1_1_1_h<_1_1_1_h<_1_1_h<_1_1_h<_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_h<_1_1_1_h<_1_1_1_1_1_1_h<_1_h<_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_1_1_1_1_1_1_1_1_h<_1_1_1_h<_1_1_h<_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_h<_h<_1_1_1_1_1_1_1_1_1_1_1_h<_1_1_1_1_1_1_1_1_1_1_1_1_1_1_h<_1_1_h<_1_h<_1X2X2X2X2_hkbabioch@suse.comjoop.boonen@opensuse.orgecsos@opensuse.orgjengelh@inai.dejoop.boonen@opensuse.orglars@linux-schulserver.demichael@stroeder.comchris@computersalat.demichael@stroeder.comaj@ajaissle.deaj@ajaissle.deastieger@suse.comaj@ajaissle.deaj@ajaissle.deopensuse@dstoecker.delars@linux-schulserver.deaj@ajaissle.deaj@ajaissle.delars@linux-schulserver.deaj@ajaissle.deaj@ajaissle.dedraht@schaltsekun.deaj@ajaissle.deaj@ajaissle.deaj@ajaissle.deaj@ajaissle.deaj@ajaissle.deLed - Upgrade to 1.3.15 This is a security update to the LTS version 1.3. (bsc#1175135) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg content [CVE-2020-16145] * Security: Fix cross-site scripting (XSS) via HTML messages with malicious math content From 1.3.14 (bsc#1173792 -> CVE-2020-15562) * Security: Fix cross-site scripting (XSS) via HTML messages with malicious svg/namespace From 1.3.13 * Installer: Fix regression in SMTP test section (#7417) From 1.3.12 * Security: Better fix for CVE-2020-12641 (bsc#1171148) * Security: Fix XSS issue in template object 'username' (#7406) * Security: Fix couple of XSS issues in Installer (#7406) * Security: Fix cross-site scripting (XSS) via malicious XML attachment From 1.3.11 (bsc#1171148 -> CVE-2020-12641 bsc#1171040 -> CVE-2020-12625 bsc#1171149 -> CVE-2020-12640) * Enigma: Fix compatibility with Mail_Mime >= 1.10.5 * Fix permissions on some folders created by bin/install-jsdeps.sh script (#6930) * Fix bug where inline images could have been ignored if Content-Id header contained redundant spaces (#6980) * Fix PHP Warning: Use of undefined constant LOG_EMERGE (#6991) * Fix PHP warning: "array_merge(): Expected parameter 2 to be an array, null given in sendmail.inc (#7003) * Security: Fix XSS issue in handling of CDATA in HTML messages * Security: Fix remote code execution via crafted 'im_convert_path' or 'im_identify_path' settings * Security: Fix local file inclusion (and code execution) via crafted 'plugins' option * Security: Fix CSRF bypass that could be used to log out an authenticated user (#7302) From 1.3.10 (bsc#1146286) * Managesieve: Fix so "Create filter" option does not show up when Filters menu is disabled (#6723) * Enigma: Fix bug where revoked users/keys were not greyed out in key info * Enigma: Fix error message when trying to encrypt with a revoked key (#6607) * Enigma: Fix "decryption oracle" bug [CVE-2019-10740] (#6638) * Fix compatibility with kolab/net_ldap3 > 1.0.7 (#6785) * Fix bug where bmp images couldn't be displayed on some systems (#6728) * Fix bug in parsing vCard data using PHP 7.3 due to an invalid regexp (#6744) * Fix bug where bold/strong text was converted to upper-case on html-to-text conversion (6758) * Fix bug in rcube_utils::parse_hosts() where %t, %d, %z could return only tld (#6746) * Fix bug where Next/Prev button in mail view didn't work with multi-folder search result (#6793) * Fix bug where selection of columns on messages list wasn't working * Fix bug in converting multi-page Tiff images to Jpeg (#6824) * Fix wrong messages order after returning to a multi-folder search result (#6836) * Fix PHP 7.4 deprecation: implode() wrong parameter order (#6866) * Fix bug where it was possible to bypass the position:fixed CSS check in received messages (#6898) * Fix bug where some strict remote URIs in url() style were unintentionally blocked (#6899) * Fix bug where it was possible to bypass the CSS jail in HTML messages using :root pseudo-class (#6897) * Fix bug where it was possible to bypass href URI check with data:application/xhtml+xml URIs (#6896) From 1.3.9 (bsc#1115718) * Fix TinyMCE download location (#6694) * Fix bug where a message/rfc822 part without a filename wasn't listed on the attachments list (#6494) * Fix handling of empty entries in vCard import (#6564) * Fix bug in parsing some IMAP command responses that include unsolicited replies (#6577) * Fix PHP 7.2 compatibility in debug_logger plugin (#6586) * Fix so ANY record is not used for email domain validation, use A, MX, CNAME, AAAA instead (#6581) * Fix so mime_content_type check in Installer uses files that should always be available (i.e. from program/resources) (#6599) * Fix missing CSRF token on a link to download too-big message part (#6621) * Fix bug when aborting dragging with ESC key didn't stop the move action (#6623) * Fix bug where next row wasn't selected after deleting a collapsed thread (#6655) From 1.3.8 * Fix PHP warnings on dummy QUOTA responses in Courier-IMAP 4.17.1 (#6374) * Fix so fallback from BINARY to BODY FETCH is used also on [PARSE] errors in dovecot 2.3 (#6383) * Enigma: Fix deleting keys with authentication subkeys (#6381) * Fix invalid regular expressions that throw warnings on PHP 7.3 (#6398) * Fix so Classic skin splitter does not escape out of window (#6397) * Fix XSS issue in handling invalid style tag content (#6410) * Fix compatibility with MySQL 8 - error on 'system' table use * Managesieve: Fix bug where show_real_foldernames setting wasn't respected (#6422) * New_user_identity: Fix %fu/%u vars substitution in user specific LDAP params (#6419) * Fix support for "allow-from " in "x_frame_options" config option (#6449) * Fix bug where valid content between HTML comments could have been skipped in some cases (#6464) * Fix multiple VCard field search (#6466) * Fix session issue on long running requests (#6470) From 1.3.7 (bsc#1115719) * Fix PHP Warning: Use of undefined constant IDNA_DEFAULT on systems without php-intl (#6244) * Fix bug where some parts of quota information could have been ignored (#6280) * Fix bug where some escape sequences in html styles could bypass security checks * Fix bug where some forbidden characters on Cyrus-IMAP were not prevented from use in folder names * Fix bug where only attachments with the same name would be ignored on zip download (#6301) * Fix bug where unicode contact names could have been broken/emptied or caused DB errors (#6299) * Fix bug where after "mark all folders as read" action message counters were not reset (#6307) * Enigma: [EFAIL] Don't decrypt PGP messages with no MDC protection (#6289) * Fix bug where some HTML comments could have been malformed by HTML parser (#6333)- Upgrade to version 1.3.6 * Fix parsing date strings (e.g. from a Date: mail header) with comments * Fix PHP 7.2: count(): Parameter must be an array in enchant-based spellchecker * Fix possible IMAP command injection and type juggling vulnerabilities * Enigma: Fix key selection for signing * Enigma: Enable keypair generation on Internet Explorer 11 * Fix check_request() bypass in places using get_uids() (CVE-2018-9846 boo#1067574) * Fix bug where usernames without domain part could be malformed or converted to lower-case on logon- Upgrade to version 1.3.5 * Added new skin with mobile support - the Elastic * Support Redis cache * Improved Mailvelope integration - Added private key listing and generating to identity settings - Enable encrypt & sign option if Mailvelope supports it * Update to jQuery-3.3.1 * vcard_attachments: Add possibility to send contact vCard from Contacts toolbar (#6080) * Add More actions button in Contacts toolbar with Copy/Move actions (#6081) * Display an error when clicking disabled link to register protocol handler (#6079) * Add option trusted_host_patterns (#6009, #5752) * Support SMTPUTF8 and relax email address validation to support unicode in local part (#5120) * Support additional connect parameters in PostgreSQL database wrapper * Use UI dialogs instead of confirm() and alert() where possible * Display value of the SMTP message size limit in the error message (#6032) * Skip redundant INSERT query on successful logon when using PHP7 * Replace display_version with display_product_version (#5904) * Extend disabled_actions config so it accepts also button names (#5903) * Handle remote stylesheets the same as remote images, ask the user to allow them (#5994) * Add Message-ID to the sendmail log (#5871) * Managesieve: Add ability to disable filter sets and other actions (#5496, #5898) * Managesieve: Add option managesieve_forward to enable settings dialog for simple forwarding (#6021) * Managesieve: Support filter action with custom IMAP flags (#6011) * Managesieve: Support 'mime' extension tests - RFC5703 (#5832) * Managesieve: Support GSSAPI authentication with krb_authentication plugin (#5779) * Changed defaults for smtp_user (%u), smtp_pass (%p) and smtp_port (587) * Composer: Fix certificate validation errors by using packagist only (#5148) * Enigma: Add button to send mail unencrypted if no key was found (#5913) * Enigma: Add options to set PGP cipher/digest algorithms (#5645) * Enigma: Multi-host support * Add --get and --extract arguments and CACHEDIR env-variable support to install-jsdeps.sh (#5882) * Update to jquery-minicolors 2.2.6 * Support _filter and _scope as GET arguments for opening mail UI (#5825) * Support for IMAP folders that cannot contain both folders and messages (#5057) * Added .user.ini file for php-fpm (#5846) * Email Resent (Bounce) feature (#4985) * Various improvements for templating engine and skin behaviours - Support conditional include - Support for 'link' objects - Support including files with path relative to templates directory - Use