Change log for gosa package in Debian
| 1 → 75 of 80 results | First • Previous • Next • Last |
| Published in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-11) unstable; urgency=medium
* debian/patches:
+ Add 1046_groups-classic-theme-generic-tpl.patch. Drop artifact '[6~'
from generic group template (classic theme).
+ Add 1047_silence-SnapshotHandler-in-logs.patch. Don't pass new LDAP
class instantiation directly, store in interim variable first.
+ Add 1048_fix-undefined-variable.patch. Amend 'PHP error: Undefined
variable $acl_mode' when using classic theme.
+ Add 1049_dont-compare-multidim-arrays-with-array-diff.patch. Compare
JSON hashes instead of comparing array. This avoids an 'Array to string
conversion' error when comparing multi-dimensional arrays.
-- Mike Gabriel <email address hidden> Tue, 13 Feb 2024 09:19:26 +0100
Available diffs
| Published in bookworm-release |
gosa (2.8~git20230203.10abe45+dfsg-1+deb12u2) bookworm; urgency=medium
[ Daniel Teichmann ]
* debian/patches:
+ Add 1007_fix_debugLevel_bitwise_and.patch. Use single ampersand
operator for logical and operation (not double ampersand).
+ Add 1008_main-dont-die-on-empty-config-object.patch. Gracefully exit
if config object is unavailable (and report to syslog). (Closes:
#1039964).
+ Add 1009_plugin-callHook-always_output_shell_debugging_msgs.patch.
Fix output of shell debugging messages via WebUI.
+ Add 1044_fix-class-ldap-serialization.patch which fixes a few bugs
regarding serialization. This especially fixes setting LDAP userPassword
attribute types via GOsa². (Closes: #1052159).
+ Add 1045_fix-posixaccount-shadowExpire.patch which fixes shadowExpire
always being set to 0. (User can't login then). (Closes: #1053806).
[ Guido Berhoerster ]
* debian/patches:
+ Add 1010_fix-fix-accept-to-gettext.patch. Fix PHP errors in accept-to-
gettext.inc. This fixes numerous errors due to accessing undefined
associative array elements. (Closes: #1043019).
+ Add 2009-Revert-Enable-env-to-work.patch. Work around broken handling of
plugin hook commands in gosa > 2.7.4. (Closes: #1039698, #1039699).
+ Add 1041_fix-role-selector.patch in order to fix role selection
+ Add 1042_fix-user-info-default-theme.patch
[ Mike Gabriel ]
* debian/patches:
+ Add patches 1011 to 1020. Revert nested group feature for GOsa² groups.
This feature is completely broken in GOsa² upstream when posixGroups
are in use. (Closes: #1049328). Also trivially rebase patches 1009 and
2009.
+ Add 1021_fix-config-parser-being-null.patch. Since PHP 8.x an XML parser
must not be null when accessed. It needs to be an instance of XMLParser().
(Closes: #1049338).
+ Re-add 1035_acl_override_to_allow_delete_of_group_members.patch. Allow
users with memberUid write access to remove users from posixGroup objects.
Related to closing #1049328.
+ Add 1099_remove-debug-code.patch. Drop unwanted var_dump() call and
other print statements.
+ Add 1022_fix-implicit-conversions-of-float-to-int.patch. Avoid PHP
deprecation warning "Deprecated: Implicit conversion from float <floatval>
to int loses precision in <php-file>". (Closes: #1043575).
+ Add 11?? patches. Derived from Debian's gosa 2.7.5 patchset (and ignored
first when bringing in gosa 2.8.x, but now re-reviewed and re-applied).
+ Add 1023_fix-icon-labelling-with-default-theme.patch. Properly render
labelled icons if default materialize CSS theme is used. (Closes:
#1049400).
+ Improve 1003_php-deprecations.patch. Silence another 'Deprecated:
preg_match(): Passing null to parameter #2 () of type string is
deprecated' warning. (Closes: #1049394).
+ Add 1024_fix-mess-of-using-and-comparing-int-and-string-values.patch.
This resolves a dirty class property design for the posixAccount class.
This patch attempts at avoiding int-with-string value comparisons for
the properties gidNumber (string) and primaryGroup (int). (Closes:
#1049344).
+ Add 1155_fix-uid-generation-when-many-uids-have-been-already-taken.patch
from Debian's GOsa² 2.7.5 (never uploaded to Debian, but valid for GOsa²
2.8). (Closes: #991545).
+ Improve 1007_fix_debugLevel_bitwise_and.patch. Default value for
debugLevel is an empty string. Assure this gets interpreted as 0
debugLevel. (Closes: #1049937).
+ Add 2010_vacation-templates-writeable-path.patch. Use a folder in
/var/lib/ for providing a GOsa²-writeable path for vacation templates.
(Closes: #1049938).
+ Add 1025_fix-icons-in-debugBar.patch. Don't use image() method from
GOsa²'s function.inc. The debug toolbar is not themed, so hard-code
icon img tags. (Closes: #1049939). This resolves the problem of non-shown
icons if the default (Materialize CSS) theme is used.
+ Add 1026_dont-access-static-property-non-static.patch. Resolves 'Accessing
static property LDAP:: as non static'. (Closes: #1049956).
+ Add patches 1027 - 1033. Fix various PHP errors/warnings reported to
syslog. (Closes: #1049942).
+ Add patches 106?_*.patch. Resolve various issues in GOsa²'s acl class.
(Closes: #1049940).
+ Add 1034_include-class_listing.inc-Fix-processElementFilter-n.patch.
include/class_listing.inc: Fix processElementFilter() not considering
default values for method parameters. (Closes: #1050489).
+ Add 1063_include-class_-listing-acl-.inc-plugins-admin-acl-cl.patch.
plugins/admin/acl/class_aclRole.inc: Fix accessing variables if they
are NULL or keys of arrays which aren't even set. (Closes: #1049940)
+ Add 1036_include-class_filter.inc-Define-gridClass-for-defaul.patch.
include/class_filter.inc: Define gridClass for default and classic theme.
+ Add 1037_include-php_setup.inc-Hide-ldap_-search-read-Search-.patch.
Silence 'Search: No such object.' PHP error messages for ldap_search()
and ldap_read(). Those errors are mostly not errors but simply search /
query results.
+ Add 1038_include-class_pathNavigator.inc-Don-t-send-object-DN.patch.
Silence 'invalid DN syntax' errors from LDAP server when creating new
user objects. (Closes: #1051995).
+ Add 1040_fix-instance-property-typo-in-class_acl-inc.patch. Fix 'Array
to string conversion (/usr/share/gosa/include/class_acl.inc, line 180)'.
(Closes: #1051997).
+ Add 1043a_Add-setter-for-skipFooter-property-needed-for-mfa-ex.patch.
Add modifier for skipFooter protected class property. Required for
gosa-plugins-privacyidea.
+ Add 1043b_honour-plugin-property-skipFooter-used-by-mfa-account.patch.
Honour plugin property 'skipFooter'.
* debian/gosa.{dirs,links,postinst}:
+ Provide /var/lib/gosa/vacation and symlink to it from /etc/gosa.
* debian/rules:
+ Symlink the smarty4 version of the smarty-gettext plugin to DATADIR/
gosa/include/smartyAddons/.
-- Mike Gabriel <email address hidden> Sun, 03 Dec 2023 08:16:31 +0100
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-10) unstable; urgency=medium
[ Mike Gabriel ]
* debian/patches:
+ Add 1038_include-class_pathNavigator.inc-Don-t-send-object-DN.patch.
Silence 'invalid DN syntax' errors from LDAP server when creating new
user objects. (Closes: #1051995).
+ Add 1040_fix-instance-property-typo-in-class_acl-inc.patch. Fix 'Array
to string conversion (/usr/share/gosa/include/class_acl.inc, line 180)'.
(Closes: #1051997).
+ Add 1043a_Add-setter-for-skipFooter-property-needed-for-mfa-ex.patch.
Add modifier for skipFooter protected class property.
+ Add 1043b_honour-plugin-property-skipFooter-used-by-mfa-account.patch.
Honour plugin property 'skipFooter'.
+ Rebase patches 1099 and 1149.
[ Guido Berhoerster ]
* debian/patches:
+ Add 1041_fix-role-selector.patch in order to fix role selection
+ Add 1042_fix-user-info-default-theme.patch
[ Daniel Teichmann ]
* debian/patches/:
+ Add 1044_fix-class-ldap-serialization.patch which fixes a few bugs
regarding LDAP object serialization. This especially fixes setting
LDAP userPassword attribute types via GOsa². (Closes: #1052159).
+ Add 0003-fix-posixaccount-shadowExpire.patch which fixes shadowExpire
always being set to 0. (User can't login then) (Closes: #1053806)
-- Mike Gabriel <email address hidden> Fri, 01 Dec 2023 22:42:54 +0100
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-9) unstable; urgency=medium
* debian/patches:
+ Improve 1007_fix_debugLevel_bitwise_and.patch. Default value for
debugLevel is an empty string. Assure this gets interpreted as 0
debugLevel. (Closes: #1049937).
+ Add 2010_vacation-templates-writeable-path.patch. Use a folder in
/var/lib/ for providing a GOsa²-writeable path for vacation templates.
(Closes: #1049938).
+ Fix multiply patching include/class_sortableList.inc.
+ Add 1025_fix-icons-in-debugBar.patch. Don't use image() method from
GOsa²'s function.inc. The debug toolbar is not themed, so hard-code
icon img tags. (Closes: #1049939). This resolves the problem of
non-shown icons if the default (Materialize CSS) theme is used.
+ Add 1026_dont-access-static-property-non-static.patch. Resolves
'Accessing static property LDAP:: as non static'. (Closes: #1049956).
+ Add patches 1027 - 1033. Fix various PHP errors/warnings reported to
syslog. (Closes: #1049942).
+ Add patches 106?_*.patch. Resolve various issues in GOsa²'s acl class.
(Closes: #1049940).
+ Add 1034_include-class_listing.inc-Fix-processElementFilter-n.patch.
include/class_listing.inc: Fix processElementFilter() not considering
default values for method parameters. (Closes: #1050489).
+ Add 1063_include-class_-listing-acl-.inc-plugins-admin-acl-cl.patch.
plugins/admin/acl/class_aclRole.inc: Fix accessing variables if they
are NULL or keys of arrays which aren't even set.
+ Add 1036_include-class_filter.inc-Define-gridClass-for-defaul.patch.
include/class_filter.inc: Define gridClass for default and classic theme.
+ Add 1037_include-php_setup.inc-Hide-ldap_-search-read-Search-.patch.
Silence 'Search: No such object.' PHP error messages for ldap_search()
and ldap_read(). Those errors are mostly not errors but simply search /
query results.
* debian/gosa.{dirs,links,postinst}:
+ Provide /var/lib/gosa/vacation and symlink to it from /etc/gosa. (Related
to 2010_vacation-templates-writeable-path.patch and #1049938).
-- Mike Gabriel <email address hidden> Tue, 29 Aug 2023 20:53:52 +0200
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-8) unstable; urgency=medium
* debian/patches:
+ Add 1024_fix-mess-of-using-and-comparing-int-and-string-values.patch.
This resolves a dirty class property design for the posixAccount class.
This patch attempts at avoiding int-with-string value comparisons for
the properties gidNumber (string) and primaryGroup (int). (Closes:
#1049344).
+ Add 1155_fix-uid-generation-when-many-uids-have-been-already-taken.patch
from Debian's GOsa² 2.7.5 (never uploaded to Debian, but valid for GOsa²
2.8). (Closes: #991545).
-- Mike Gabriel <email address hidden> Tue, 15 Aug 2023 16:06:27 +0200
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-7) unstable; urgency=medium
* debian/patches:
+ Regression fix in 1023_fix-icon-labelling-with-default-theme.patch.
Adding an <img> tag is wrong for Materialize CSS, this needs to be
addressed in the DHCP service code in gosa-plugins-systems.
-- Mike Gabriel <email address hidden> Tue, 15 Aug 2023 13:05:19 +0200
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-5) unstable; urgency=medium
[ Dominik George ]
* Remove myself as uplaoder.
[ Daniel Teichmann ]
* debian/patches:
+ Add 1007_fix_debugLevel_bitwise_and.patch. Use single ampersand
operator for logical and operation (not double ampersand).
+ Add 1008_main-dont-die-on-empty-config-object.patch. Gracefully exit
if config object is unavailable (and report to syslog). (Closes:
#1039964).
+ Add 1009_plugin-callHook-always_output_shell_debugging_msgs.patch.
Fix output of shell debugging messages via WebUI.
[ Guido Berhoerster ]
* Fix PHP errors in accept-to-gettext.inc. This fixes numerous errors due
to accessing undefined associative array elements. (Closes: #1043019).
* Add 2009-Revert-Enable-env-to-work.patch. Work around broken handling of
plugin hook commands in gosa > 2.7.4. (Closes: #1039698).
-- Mike Gabriel <email address hidden> Thu, 10 Aug 2023 17:38:49 +0200
Available diffs
| Superseded in bookworm-release |
gosa (2.8~git20230203.10abe45+dfsg-1+deb12u1) bookworm; urgency=medium
[ Mike Gabriel ]
* debian/patches:
+ Add 1003_php-deprecations.patch. Silence various PHP 8.2 deprecation
warnings. (Closes: #1038682).
[ Daniel Teichmann ]
* debian/patches:
+ Add 1004_missing_templates.patch. (Closes: #1039697)
+ Update 1002_php82-allow-dynamic-properties.patch: Tolerate dyn. prop. for
ALL PHP classes. (Closes: #1039894)
+ Add 1005_preg_replace_deprecation.patch.
+ Add 1006_fix-overflow-debug-print_a-func.patch. (Closes: #1040839)
-- Mike Gabriel <email address hidden> Wed, 12 Jul 2023 23:12:05 +0200
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-4) unstable; urgency=medium
[ Daniel Teichmann ]
* debian/patches:
+ Add 1004_missing_templates.patch. (Closes: #1039697)
* debian/patches:
+ Update 1002_php82-allow-dynamic-properties.patch: Tolerate dyn. prop. for
ALL PHP classes. (Closes: #1039894)
+ Add 1005_preg_replace_deprecation.patch.
+ Add 1006_fix-overflow-debug-print_a-func.patch. (Closes: #1040839)
[ Debian Janitor ]
* Apply multi-arch hints:
+ gosa-schema: Add Multi-Arch: foreign.
-- Mike Gabriel <email address hidden> Wed, 12 Jul 2023 23:04:35 +0200
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-3) unstable; urgency=medium
[ Daniel Teichmann ]
* debian/patches/1003_php-deprecations.patch:
+ Fix critical PHP error.
-- Mike Gabriel <email address hidden> Wed, 28 Jun 2023 14:05:34 +0200
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230203.10abe45+dfsg-2) unstable; urgency=medium
* debian/patches:
+ Add 1003_php-deprecations.patch. Silence various PHP 8.2 deprecation
warnings. (Closes: #1038682).
* Rename debian/NEWS.Debian to debian/NEWS.
* debian/gosa.lintian-overrides:
+ Adjust overrides for this upload.
-- Mike Gabriel <email address hidden> Tue, 20 Jun 2023 06:13:55 +0200
Available diffs
gosa (2.8~git20230203.10abe45+dfsg-1) unstable; urgency=medium
* New upstream Git snapshot.
* debian/patches:
+ Drop patches 0002 and 1001. Both applied upstream.
+ Trivial rebase of patches 2002 and 2003.
-- Mike Gabriel <email address hidden> Mon, 06 Feb 2023 20:43:44 +0100
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230117.8f8b0c8+dfsg-4) unstable; urgency=medium
* debian/rules:
+ Don't ship generated files in the bin:pkg gosa, they get rebuilt on
every postinst script run.
-- Mike Gabriel <email address hidden> Sat, 21 Jan 2023 20:53:10 +0100
Available diffs
| Superseded in sid-release |
gosa (2.8~git20230117.8f8b0c8+dfsg-2) unstable; urgency=medium * Team upload to unstable. -- Holger Levsen <email address hidden> Fri, 20 Jan 2023 21:36:26 +0100
Available diffs
| Deleted in experimental-release (Reason: None provided.) |
gosa (2.8~git20230117.8f8b0c8+dfsg-1) experimental; urgency=medium
* New upstream Git snapshot.
* debian/patches:
+ Fix typo in 2004_fix-locale-location.patch.
+ Add 0002_gosa-version.patch, 2008_set-version-file-path.patch. Allow for
obtaining the GOsa² version from a package-generated gosa.version file.
* debian/rules:
+ Generate gosa.version file from package version information.
-- Mike Gabriel <email address hidden> Wed, 18 Jan 2023 07:04:30 +0100
| Superseded in experimental-release |
gosa (2.8~git20230116.d119cff+dfsg-1) experimental; urgency=medium
* Upload to experimental.
* Upstream pre-release of GOsa² 2.8.x. (Closes: #1003694, #991542
#800679).
* debian/patches:
+ Drop nearly all patches except from the Debian-specific ones. Next major
GoSA² version has them all (or should, but that's an upstream matter from
here).
+ Trivial rebase of 2002 and 2003.
+ Rebase 2004_fix-locale-location.patch.
+ Add 0001_fix-setup-license-txt.patch. Amend license mismatch between
COPYING and setup/license.txt files. Change also proposed upstream. Fix
webUI-displayed license text (GPL-3 -> GPL-2).
+ Add Forwarded: field to Debian-specific patches (and silence lintian).
+ Add 2007_no-pChart.patch. Forget about pChart class.
* debian/watch:
+ Drop plugin watch files.
+ Use watch.gosa-gosa-core to continue from here.
+ Adjust file to match upstream Git snapshot versions correctly. Drop
uupdate and debian tasks.
* debian/control:
+ Add B:/R: entries for all pre-2.8 bin:pkgs. They are not compatible
with GOsa² 2.8 anymore.
+ Drop plugin bin:pkgs.
+ Update Homepage: field.
+ Bump Standards-Version: to 4.6.2. No changes needed.
+ Add Rules-Requires-Root: field and set it to 'no'.
* debian/rules:
+ Use uscan for orig tarball retrieval.
+ Drop lintian warnings silencer.
+ Drop unneeded doc files.
+ Fix symlink of font files (classic theme).
* debian/copyright:
+ Update auto-generated copyright.in file.
+ Complete rewrite of attributions.
+ Adjust Files-Excluded: field.
* debian/po:
+ Trivial .po file update.
* debian/fix-constructors.sh:
+ Drop file. Should be ok upstream now.
* debian/gosa-plugin-*.{install,<scripts>}:
+ Drop files. Plugins will be uploaded as individual src:pkgs for GOsa² 2.8.
* debian/source/lintian-overrides:
+ Drop file. Not required anymore for now.
* debian/*.{install,manpages,docs}:
+ Adjust to GOsa 2.8.
* debian/gosa.postinst:
+ Use colon instead of dot in chown command.
* debian/control:
+ Bump Standards-Version: to 4.6.1. No changes needed.
* debian/gosa.apache2:
+ Drop empty file.
* debian/README.multi-orig-tarball-package:
+ Drop file. Not required anymore.
* debian/NEWS.Debian:
+ Update file.
* debian/{NEWS,NEWS.Debian,README.Debian}:
+ Update files, re-arrange usage.
* debian/upstream/metadata:
+ Add file. Comply with DEP-12.
* debian/gosa-dev.manpages:
+ Drop update-online-help.1, script not shipped anymore.
-- Mike Gabriel <email address hidden> Mon, 16 Jan 2023 15:51:01 +0100
gosa (2.7.4+reloaded3-16) unstable; urgency=medium
* Re-upload as is.
* debian/changelog:
+ Fix faulty bug closure in previous changelog stanza. Re-closing the
correct bug here now. (Closes: #989099, allow gosa to be installed
in chroots).
-- Mike Gabriel <email address hidden> Wed, 26 May 2021 09:31:07 +0200
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded3-15) unstable; urgency=medium
* debian/gosa.postinst:
+ Don't choke on failing httpd service restarts. This allows gosa to be
installed into chroots. (Closes: #989009).
* debian/patches:
+ Add 1051_openldap-gosa-samba3.-Provide-alias-attribute-descri.patch and
1052_contrib-kolab2.-Comment-out-alias-attribute-type.patch. Provide
'alias' attribute type via 'gosaMailAccount' objectClass. This fixes
'alias' field setting via gosa-plugin-mailaddress without the need to
add 'kolabInetOrgPerson' objectClass to every mail account. (Closes:
#989096).
+ Add 1053_check-countable-before-using-count-on-variable.patch. Don't use
count() function on data that might not be countable. Silences hundreds
of PHP warning log messages per user session. (Closes: #939043).
-- Mike Gabriel <email address hidden> Tue, 25 May 2021 21:18:20 +0200
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded3-14) unstable; urgency=medium
* debian/patches:
+ Add 1050_implode-syntax-php74.patch. Use PHP 7.4 compliant implode()
syntax. (Closes: #964600).
* debian/control:
+ Bump Standards-Version: to 4.5.1. No changes needed.
+ Bump DH compat level to version 13.
-- Mike Gabriel <email address hidden> Mon, 23 Nov 2020 17:44:53 +0100
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded3-13) unstable; urgency=medium
* debian/patches:
+ Add 1049_gosa-fix-filterlocklabelimage.patch. Use NULL as default for
in filterLockImage() and filterLockLabel(). (Closes: #941165).
-- Mike Gabriel <email address hidden> Mon, 27 Jul 2020 22:32:50 +0200
Available diffs
| Published in stretch-release |
gosa (2.7.4+reloaded2-13+deb9u3) stretch; urgency=medium
* debian/patches/1047_CVE-2019-14466-1_replace_unserialize_with_json_
encode+json_decode.patch:
+ Replace (un)serialize with json_encode/json_decode to mitigate PHP object
injection (CVE-2019-14466).
-- Mike Gabriel <email address hidden> Sat, 25 Apr 2020 21:51:15 +0200
| Superseded in sid-release |
gosa (2.7.4+reloaded3-12) unstable; urgency=medium
* debian/patches:
+ Add 1048_gosa-cred-encrypt-decrypt-php-7.4.patch. Fix upgrade error with
PHP 7.4 in use. PHP 7.4 chokes on a flaw in cred_encrypt() and
cred_decrypt() that previous PHP versions silently ignored. (Closes:
#964318).
-- Mike Gabriel <email address hidden> Mon, 13 Jul 2020 13:23:35 +0200
Available diffs
| Published in buster-release |
gosa (2.7.4+reloaded3-8+deb10u2) buster; urgency=medium
* debian/patches:
+ Add 1047_CVE-2019-14466-{1,2}_replace_unserialize_with_json_encode+json_
decode.patch: Replace (un)serialize with json_encode/json_decode to
mitigate PHP object injection.
-- Mike Gabriel <email address hidden> Mon, 27 Apr 2020 13:02:28 +0200
| Superseded in sid-release |
gosa (2.7.4+reloaded3-11) unstable; urgency=medium
* debian/control:
+ Drop php-recode. Code path has an alternative for its usage (iconv). (Closes: #955314).
+ Update Homepage: field. (Closes: #940719).
+ Bump Standards-Version: to 4.5.0. No changes needed.
* debian/{control,compat}:
+ Switch to debhelper-compat notation. Bump DH compat level to version 12.
* debian/copyright:
+ Update Source: field.
-- Mike Gabriel <email address hidden> Mon, 20 Apr 2020 07:32:48 +0200
Available diffs
| Superseded in buster-release |
gosa (2.7.4+reloaded3-8+deb10u1) buster; urgency=medium
* debian/changelog:
+ post-upload fix of patch-1045 explanation...
* debian/patches:
+ Add 1046_CVE-2019-11187_stricter-ldap-error-check.patch.
Perform stricter check on LDAP success/failure (CVE-2019-11187).
-- Mike Gabriel <email address hidden> Sat, 10 Aug 2019 04:04:23 +0200
| Superseded in sid-release |
gosa (2.7.4+reloaded3-10) unstable; urgency=medium
* debian/patches:
+ Add 1047_CVE-2019-14466-1_replace_unserialize_with_json_encode+json_
decode.patch: Replace (un)serialize with json_encode/json_decode to
mitigate PHP object injection. (CVE-2019-14466).
-- Mike Gabriel <email address hidden> Sat, 31 Aug 2019 16:09:11 +0200
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded3-9) unstable; urgency=medium
* debian/changelog:
+ Post-upload fix of patch-1045 explanation in previous stanza.
* debian/patches:
+ Add 1046_CVE-2019-11187_stricter-ldap-error-check.patch.
Perform stricter check on LDAP success/failure (CVE-2019-11187).
* debian/control:
+ Bump Standards-Version: to 4.4.0. No changes needed.
-- Mike Gabriel <email address hidden> Thu, 08 Aug 2019 13:29:34 +0200
Available diffs
gosa (2.7.4+reloaded3-8) unstable; urgency=medium
* debian/patches:
+ Add 1043_smarty-add-on-function-param-types.patch. Fix missing
password field, caused by PHP error "parameter 2 expected to be a
reference, value given". This happened due to mismatching parameter
types whenever the smarty3 template rendering engine called gosa's
(slightly not-compliant anymore) smartyAddon functions. (Closes:
#918578). The patch also brings some smartyAddon hygiene for
the {render} block and the not-used-anymore {tr} block.
+ Add 1044_crypto-transition-without-mcrypt.patch. Make
gosa-mcrypt-to-openssl-passwords script independent from php-mcrypt,
and thus make it work with Debian buster's php7.3. (Closes: #925138).
+ Update 1026_fix-deprecated-constructor-format.patch. Drop an
unwanted find+replace artefact in class_userFilter.
+ Add 1045_dont_use_filter_caching.patch. Disable filter caching via
$_SESSION. The filter caching mechanism stores PHP object in ; since
php7.0 this has lead to all sorts of unexpected results and flawed
rendering of class_management based listings. (Closes: #907815).
* debian/control:
+ Bump Standards-Version: to 4.3.0. No changes needed.
-- Mike Gabriel <email address hidden> Fri, 19 Apr 2019 15:24:14 +0200
Available diffs
gosa (2.7.4+reloaded3-7) unstable; urgency=medium
[ Mike Gabriel ]
* Update default config.
+ Enable netgroup, pwreset and school-manager plugins by default.
[ Dominik George ]
* Update my maintainer address.
* Add support for php-fpm in apache config.
-- Dominik George <email address hidden> Wed, 12 Dec 2018 16:52:38 +0100
Available diffs
gosa (2.7.4+reloaded3-6) unstable; urgency=medium
[ Christian Schwamborn ]
* debian/patches:
+ Add 1040_inactive_pwd_fields_when_using_pwd_proposal.patch. Disable
password entry text fields when password proposal is to be used.
+ Improve 1039_fix_sambakickofftime_...tmplate_setting.patch. Avoid NULL
string being handed over to the date() function.
+ Add 1041_ref_param_error_in_My_Parser.patch. Compat fix for PHP > 5.4.
Hand over real variable to function.
+ Add 1042_add_option_to_disable_autocomplete.patch. Add support for
disabling autocompletion in search boxes.
[ Mike Gabriel ]
* debian/control:
+ Bump Standards-Version: to 4.2.0. No changes needed.
+ Drop exim4 as default MTA, use default-mta instead. Thanks lintian.
-- Mike Gabriel <email address hidden> Wed, 15 Aug 2018 12:31:03 +0200
Available diffs
| Superseded in stretch-release |
gosa (2.7.4+reloaded2-13+deb9u1) stretch-security; urgency=medium
* debian/patches:
+ Add 0013_escape-html-entities-for-uid-to-avoid-code-execution-
CVE-2018-1000528.patch. Fixes code injection in password change dialog.
Resolves CVE-2018-1000528. (Closes: #902723).
-- Mike Gabriel <email address hidden> Wed, 04 Jul 2018 09:15:17 +0200
| Superseded in buster-release |
| Deleted in buster-release (Reason: None provided.) |
| Superseded in sid-release |
gosa (2.7.4+reloaded3-5) unstable; urgency=medium
* debian/control:
+ Update Vcs-*: fields. Packaging Git has been migrated to salsa.debian.org.
* debian/patches:
+ Add 0013_escape-html-entities-for-uid-to-avoid-code-execution-
CVE-2018-1000528.patch. Fixes code injection in password change dialog.
Resolves CVE-2018-1000528. (Closes: #902723).
-- Mike Gabriel <email address hidden> Sat, 30 Jun 2018 12:35:38 +0200
Available diffs
gosa (2.7.4+reloaded3-4) unstable; urgency=medium
* debian/control:
+ Add D (gosa): php-cgi. Required for GOsa² to work under lighttpd.
(Closes: #892570).
+ Drop from S: gosa-si-server. (Closes: #891904). (Note: the requested
php7.0-cli to php-cli modification was already uploaded with
gosa/2.7.4+reloaded3-3).
+ Bump Standards-Version: to 4.1.4. No changes needed.
* debian/gosa.post*:
+ Test presence of apache2ctl to detect whether GOsa² is supposed to run
under Apache2. (Closes: #892571).
* debian/patches:
+ Add 0012_using-the-correct-encryption-method.patch. Use aes-256-ecb, not
-cbc as encryption method in cred_encrypt() function. (Closes: #892546).
+ Add 2006_apache2-private-tmp.patch. Work-around for Apache2's
PrivateTmp=true feature in Debian. (Closes: #892569).
+ Various typo fixes in text comments.
* debian/README.gosa.secrets:
+ Add HowTo about GOsa²'s internal pw encryption procedure.
+ Advertise this new README in debian/NEWS.
* debian/gosa.lintian-overrides:
+ Add override maintainer-script-should-not-use-recursive-chown-or-chmod
postinst.
* lintian: Move source overrides into debian/source/.
-- Mike Gabriel <email address hidden> Fri, 20 Apr 2018 13:36:45 +0200
Available diffs
gosa (2.7.4+reloaded3-3) unstable; urgency=medium
* debian/control:
+ Switch D (gosa-dev) from php7.0-cli to php-cli.
-- Mike Gabriel <email address hidden> Sun, 04 Mar 2018 20:59:40 +0100
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded3-2) unstable; urgency=medium
* debian/control:
+ Add B:/R: relations (gosa) for gosa-plugin-{heimdal,opsi,fai,fai-schema}
(<< 2.7.4+reloaded3-1~).
-- Mike Gabriel <email address hidden> Thu, 01 Mar 2018 19:47:38 +0100
gosa (2.7.4+reloaded2-13) unstable; urgency=medium
[ Dominik George ]
* Allow IPv4 addresses and FQDNs as sudoHost. (Closes: #834065).
* Added myself to Uploaders.
[ Mike Gabriel ]
* debian/control:
+ Update D (gosa, gosa-dev): php-cli -> php7.0-cli.
+ Update PHP MySQL(i) dependency. GOsa with PHP 7 now depends on php-mysqli.
* debian/patches:
+ Add 1028_use-mysqli-instead-of-mysql.patch. Migrate from PHP MySQL
extension to MySQLi extension. (Closes: #834063).
+ Fix another man page type via 1004_fix-typos-in-man-pages.patch.
* lintian:
+ Update source.lintian-overrides.
+ Add php-script-but-no-phpX-cli-dep override for two files.
* debian/README.Debian: Fix spelling issue.
* debian/gosa-plugin-opsi.lintian-overrides:
+ Drop. No required any more.
-- Mike Gabriel <email address hidden> Wed, 25 Jan 2017 22:11:04 +0100
| Published in jessie-release |
gosa (2.7.4+reloaded2-1+deb8u2) jessie; urgency=medium
[ Mike Gabriel ]
* debian/patches:
+ Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix
label stripping in GOsa²'s image() function. This fixes displaying the
insertDhcp* icon in the DHCP service plugin. (Closes: #794117).
+ Add 2009_allow-Debian-blends-to-override-gosa-conf.patch. Allow
Debian blends to provide their own version of gosa.conf and not get
bugged by GOsa's notification message on gosa.conf template changes.
Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf
updates themselves. (Closes: #794118).
+ Add 0004_fix-get-post.patch. Fix transferral of POST variables.
+ Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion
of items in "alternatives addresses" and "forward messages to
non-group members" for group mail objects. (LP:#1307483).
+ Add 0005_fix-password-expiry-status.patch. Fix expiration status
for passwords if shadowMax is used in POSIX/shadow accounts.
+ Add 1011_define-isPluginModified.patch. Fix undefined property
error for non-defined usertags::$isPluginModified. (Closes: #794690).
+ Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow
one-level domains in email addresses (such as <uid>@intern, as used
in Debian Edu by default). (Closes: #794738).
[ Holger Levsen ]
* Fixup PHP syntax in 1010_fix-entry-removal-in-mail-plugin.patch. See
#796823 for the details.
* Cherry-picked from 2.7.4+reloaded2-6 from Mike Gabriel:
+ Add 0006_code-injection-in-samba-hash-generation.patch,
0007_update-sambaHashHook-description.patch. Fix potential
code injection issue in Samba hash generation. (CVE-2015-8771)
+ Update 1004_fix-typos-in-man-pages.patch due to cherry-picking
0007_update-sambaHashHook-description.patch from upstream.
-- Holger Levsen <email address hidden> Fri, 27 May 2016 20:31:38 +0200
gosa (2.7.4+reloaded2-12) unstable; urgency=medium
[ Mike Gabriel ]
* debian/fix-constructors.sh:
+ Additionally replace occurrences of <class>::<class>(...) with
<class>::_construct(). Assure script can be run several times on the
same GOsa code tree.
* debian/patches:
+ Fix 1026_fix-deprecated-constructor-format.patch. Additionally patch
occurrences of <class>::<class>(...) with <class>::_construct().
[ Wolfgang Schweer ]
* debian/fix-constructors.sh:
+ Exclude xml:xml* commands from being touched by this script.
* debian/patches:
+ Another fix for 1026_fix-deprecated-constructor-format.patch. Don't
replace xml::xml2array by flawed xml::__construct2array.
-- Mike Gabriel <email address hidden> Thu, 02 Jun 2016 23:51:54 +0200
| Superseded in sid-release |
gosa (2.7.4+reloaded2-11) unstable; urgency=medium
* debian/patches:
+ Add 1025_fix-with-smarty-3-1-29.patch. Fix class auto-loading when GOsa
is used under Smarty3 (>= 3.1.28).
+ Add 1026_fix-deprecated-constructor-format.patch. Replace old-style
constructor names (equaling the class name) by methods of the name
"__construct()". This patch has been generated by the shipped-with script
debian/fix-constructors.sh. Thanks to Cajus Pollmeier for providing this
script.
* debian/control:
+ Bump Standards: to 3.9.8. No changes needed.
+ Use encrypted URLs for Vcs-*: fields.
-- Mike Gabriel <email address hidden> Wed, 01 Jun 2016 12:44:43 +0200
gosa (2.7.4+reloaded2-10) unstable; urgency=medium
[ Holger Levsen ]
* Fixup PHP syntax in 1010_fix-entry-removal-in-mail-plugin.patch. See
#796823 for the details.
* Update depends and debian/gosa-apache.conf for the PHP 7.0 transition.
Thanks to Wolfgang Schweer for the patch! (Closes: #821501)
[ Mike Gabriel ]
* debian/gosa.NEWS: Fix date (2015 -> 2016) for latest NEWS announcement.
-- Holger Levsen <email address hidden> Mon, 23 May 2016 12:44:31 +0200
gosa (2.7.4+reloaded2-9) unstable; urgency=medium
* debian/gosa-desktop.dirs:
+ Create /etc/gosa through dpkg for bin:package gosa-desktop. (Closes:
#814576).
* debian/control:
+ Drop as alternative Ds (gosa-desktop): konqueror, epiphany-browser,
midori, chromium. (Closes: #814774).
-- Mike Gabriel <email address hidden> Mon, 15 Feb 2016 13:17:12 +0100
Available diffs
- diff from 2.7.4+reloaded2-8 to 2.7.4+reloaded2-9 (657 bytes)
| Superseded in sid-release |
gosa (2.7.4+reloaded2-8) unstable; urgency=medium
* debian/changelog:
+ Add closure of #796813 for version 2.7.4+reloaded2-6.
* debian/patches:
+ Fix comment header for 0007_update-sambaHashHook-description.patch.
+ Add 1022_add-b-switch-to-mkntpasswd-script.patch. Support creation of
NT/LM hashes from base64 encoded password string.
+ Add 1023_check-smbhash-creation-for-base64-encoded-pws.patch. Check
NT/LM hash creation during setup checks using decode_base64() function.
+ Update 0007_update-sambaHashHook-description.patch. Add -MMIME::Base64
package loading in NT/LM hash creation code on gosa.conf man page.
+ Add 1024_dont-overescape-dollar-signs-in-smb-passwords.patch. Don't
over-escape "$" characters in passwords provided to the sambaHashHook
execution call. (Together with encoding passwords for sambaHashHook
as base64 string, this closes: #801758).
* debian/gosa.NEWS:
+ Add information on password string now getting base64 encoded prior
to handing it over to the sambaHashHook script.
* debian/gosa.postinst:
+ Only create symlinks to lpstat and convert, if those binaries really
exist on the system. (Closes: #811382).
* debian/control:
+ Update D (gosa-desktop): depend on browser currently available on Debian
and Ubuntu. (Closes: #814004).
* debian/gosa*.dirs:
+ Remove most *.dirs directories, only remaining file: gosa.dirs.
* debian/gosa{,-plugin-mail,-plugin-gofon,-desktop}.postrm:
+ Remove /etc/gosa/ directory, if empty when purging the corresponding
packages. (To make piuparts happy).
* debian/gosa.post*:
+ Use proper if clauses for conditions. This assures that the
postinst/postrm scripts do not fail if any of the conditions is not
met.
+ Define $PATH in scripts to make sure, the which command used in these
scripts works as expected.
-- Mike Gabriel <email address hidden> Fri, 12 Feb 2016 06:14:37 +0100
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded2-7) unstable; urgency=medium
* debian/changelog:
+ Fix-up for previous upload: Add missing changes regarding
lintian.
* debian/gosa.post{inst,rm}:
+ Use quotes around which commands. This fixes failures during
post-installation if either of the supported http daemon packages is not
installed.
-- Mike Gabriel <email address hidden> Sun, 17 Jan 2016 16:52:35 +0100
Available diffs
gosa (2.7.4+reloaded2-6) unstable; urgency=medium
* debian/patches:
+ Fix 1007_gen-uids-like-gosa26.patch. If a placeholder operator specifies
no start and end, but only one value (e.g., %{givenName[12]}), then always
use the complete string. (Closes: #803540).
+ Add 1021_disable-sorting-in-DHCP-section-lists.patch. Disable sorting for
DHCP section lists (plus fix accessor name in class_sortableList.inc).
+ Add 0006_code-injection-in-samba-hash-generation.patch,
0007_update-sambaHashHook-description.patch. Fix potential code injection
issue in Samba hash generation.
+ Update 1004_fix-typos-in-man-pages.patch due to cherry-picking
0007_update-sambaHashHook-description.patch from upstream. Also fix
more man page typos (reported by lintian).
* debian/gosa.postinst:
+ When figuring out whether it makes sense to restart Apache2, let's check
for presence of apache2ctl binary (instead of apache2 binary). Nowadays,
the Apache2 server can be considered installed when apache2ctl is present
on a Debian system.
+ Avoid usage of full paths when testing for presence of executables.
* debian/gosa.postrm:
+ Avoid usage of full paths when testing for presence of executables.
-- Mike Gabriel <email address hidden> Mon, 04 Jan 2016 23:33:10 +0100
Available diffs
gosa (2.7.4+reloaded2-5) unstable; urgency=medium
* debian/patches:
+ Update 1016_allow-same-user-ids-as-adduser.patch. Fix typo.
+ Update 0003_xss-vulnerability-on-login-screen.patch. Fix a
second place where $username should be sanitized by set_post()
function.
+ Add 1020_ob-fixes.patch. Only run ob_end_clean() if there is
something to clean.
-- Mike Gabriel <email address hidden> Mon, 19 Oct 2015 13:17:40 +0200
Available diffs
gosa (2.7.4+reloaded2-4) unstable; urgency=medium
* debian/patches:
+ Improve 1007_gen-uids-like-gosa26.patch. Handle situations where attribute
values are shorter than the minimal length required. Use the complete
attribute's value then, if even not long enough.
+ Fix 1012_allow-one-level-domains-in-email-addresses.patch. Fix email
template checks in tests::is_email(). Also, allow mail addresses
starting with a single letter followed by a dot as second character
(e.g., "m.gabriel").
+ Add 1013_fix-smarty-gettext-tags-recognition.patch. Fix rendering of .tpl
files that contain parameterized {t} blocks.
+ Add 1014_fix-description-of-new-prim-groups.patch. Fix obtaining givenName
and sn from user object when creating its primary POSIX group.
+ Add 1015_allow-iso8601-date-format-in-user-API.patch. Allow writing
ISO8601 conform date strings into the dateOfBirth field.
+ Add 1016_allow-same-user-ids-as-adduser.patch. If strictNamingRules is set
to false in gosa.conf, allow the same UID naming rule as found in
/usr/bin/adduser (as of Debian jessie/stretch).
+ Add 1017_get-ogroups-ou-fix.patch. Use correct GOsa² API call to obtain
ogroupRDN string.
+ Add 1018_no-item-multiplication-on-duplicate-search-results.patch. Don't
return items more than once when found during consecutive search queries.
+ Add 1019_fix-various-typos.patch. Fix various typos in the GOsa² code.
* debian/gosa-apache.conf:
+ Drop FCGIWRapper option from FCGI related Apache2 config part. Fixes
Apache2 startup failures when mod_fscgi is used with GOsa².
* Debian Menu system: Drop debian/gosa.menu in favour of shipping our
gosa-desktop.desktop file. (See tech-ctte resolution in #741573).
* Debhelper compat: Bump to version 9.
* debian/control:
+ Drop R (gosa): ${misc:Recommends}.
-- Mike Gabriel <email address hidden> Tue, 13 Oct 2015 16:19:33 +0200
| Superseded in jessie-release |
gosa (2.7.4+reloaded2-1+deb8u1) jessie-proposed-updates; urgency=medium
* debian/patches:
+ Add 2007_gen-uids-like-gosa26.patch. Fix idGenerator for patterns like
{%sn[3-6}-{%givenName[3-6]}. (Closes: #793455).
+ Add 2008_enable-csv-import-on-clean-installs.patch. Enable CSV / LDIF
import on (non-Debian-Edu) clean GOsa² installations by default. (Closes:
#782529)
-- Mike Gabriel <email address hidden> Fri, 24 Jul 2015 12:36:48 +0200
gosa (2.7.4+reloaded2-3) unstable; urgency=medium
* debian/patches:
+ Rename several patches (2005-2008 -> 1005-1008) to denote that
they are relevant for upstream.
+ Add 1009_fix-insertDhcp-icon-in-dhcp-section-overview.patch. Fix
label stripping in GOsa²'s image() function. This fixes displaying
the insertDhcp* icon in the DHCP service plugin. (Closes: #794117).
+ Add 2005_allow-Debian-blends-to-override-gosa-conf.patch. Allow
Debian blends to provide their own version of gosa.conf and not get
bugged by GOsa's notification message on gosa.conf template changes.
Debian blends using GOsa (e.g., Edu, LAN) must handle gosa.conf
updates themselves. (Closes: #794118).
+ Add 0004_fix-get-post.patch. Fix transferral of POST variables.
+ Add 1010_fix-entry-removal-in-mail-plugin.patch. Fix entry deletion
of items in "alternatives addresses" and "forward messages to
non-group members" for group mail objects. (LP:#1307483).
+ Add 0005_fix-password-expiry-status.patch. Fix expiration status
for passwords if shadowMax is used in POSIX/shadow accounts.
+ Add 1011_define-isPluginModified.patch. Fix undefined property
error for non-defined usertags::$isPluginModified. (Closes: #794690).
+ Add 1012_allow-one-level-domains-in-email-addresses.patch. Allow
one-level domains in email addresses (such as <uid>@intern, as used
in Debian Edu by default). (Closes: #794738).
debian/control:
+ Add C (gosa-plugin-mail): gosa-plugin-mailaddress. New package in
Debian unstable providing a very light-weighted Mail configuration
plugin für GOsa².
-- Mike Gabriel <email address hidden> Mon, 24 Aug 2015 15:15:14 +0200
gosa (2.7.4+reloaded2-2) unstable; urgency=medium
* debian/patches:
+ Add 2007_gen-uids-like-gosa26.patch. Fix idGenerator for patterns
like {%sn[3-6}-{%givenName[3-6]}. (Closes: #793455).
+ Add 2008_enable-csv-import-on-clean-installs.patch. Enable CSV / LDIF
import on (non-Debian-Edu) clean GOsa² installations by default. (Closes:
#782529)
* debian/{control,*.install}:
+ Process with wrap-and-sort.
* debian/control:
+ Bump Standards: to 3.9.6. No changes needed.
* debian/copyright:
+ Really mention all files (plus various fixes).
* debian/watch:
+ Provide as symlink to debian/watch.gosa-core to make uscan and DDPO happy.
* lintian:
+ Drop debian-watch-file-is-missing override. This package version now
provides a watch file.
* debian/gosa-desktop.desktop:
+ Drop MimeType= key from .desktop file. Makes no sense without providing
%f, %F, %u or %U for the Exec key.
-- Mike Gabriel <email address hidden> Fri, 24 Jul 2015 11:06:39 +0200
Available diffs
| Published in wheezy-release |
gosa (2.7.4-4.3~deb7u2) stable-proposed-updates; urgency=medium
* debian/control:
+ Update Maintainer: Debian Edu Packaging Team.
+ Drop from Uploaders: Cajus Pollmeier (retired DD).
+ Add to Uploaders: Mike Gabriel (current maintainer of gosa in
Debian unstable).
* debian/patches:
+ Add 0003_xss-vulnerability-on-login-screen.patch. Fix XSS issue
during login. Picked from GOsa² upstream and from the gosa package
in Debian unstable.
+ Add 1002_trim-decrypt.patch. Fix authentication of GOsa² against
the underlying LDAP server(s) via the gosa-admin DN. (Closes:
#768509). The issue has been fixed in Debian unstable a while back
(see Debian bug #748065) and currently only affects the gosa
package in Debian wheezy (a fix has recently been uploaded to
squeeze-lts). The bug is a regression caused by fixing DSA 3064-1
in php5
-- Mike Gabriel <email address hidden> Fri, 19 Dec 2014 09:22:48 +0100
gosa (2.7.4+reloaded2-1) unstable; urgency=medium
* Repack gosa src:package in order to drop several subtrees of the source
code:
- Smarty3 sources,
- Smarty Gettext sources,
- Liberation font, further fonts shipped with pChart,
- Scriptaculous.js,
- and upstream's debian/ packaging folder.
* debian/README.multi-orig-tarball-package:
+ Grammar fix.
* debian/gosa.postinst:
+ When activating gosa for lighttpd, create /etc/lighttpd/conf-enabled/
if it does not exist, yet. (Closes: #757558).
* debian/control:
+ Make sure that all GOsa² component/plugin bin:packages match the exact
version of the gosa bin:package.
+ Add D (gosa): smarty-gettext.
+ Add D (gosa): libjs-scriptaculous.
* debian/rules:
+ Rework get-orig-source rule, remove embedded libraries from upstream
source tree.
+ Stop shipping fonts with gosa src:package in Debian (via
get-orig-source).
+ Use Debian's version of smarty-gettext (via symlink).
+ Use Debian's version of Scriptaculous.js and Prototype.js (via symlinks).
+ Improve readability. Add some comments.
* debian/copyright:
+ Update file.
+ Update debian/copyright.in template.
* lintian:
+ Drop override embedded-php-library for Smarty3. Not shipped in repacked
sources anymore.
+ Drop override embedded-php-library for Scriptaculous.js and Prototype.js.
Not shipped in repacked sources anymore.
+ Drop unused overrides.
* debian/patches:
+ Add 1004_fix-typos-in-man-pages.patch. Fix several typos and
hyphen-used-as-minus-sign issues in GOsa² man pages.
+ Update 0001_smarty3.patch. The sources of smarty-gettext are not shipped
with Debian's gosa src:package anymore.
+ Improve trimming in 1002_trim-decrypt.patch. Obtained from latest password
encryption/decryption tests with FusionDirectory.
+ Provide patch headers with Author: and Description: fields whereever
possible.
-- Mike Gabriel <email address hidden> Mon, 11 Aug 2014 18:41:55 +0200
Available diffs
- diff from 2.7.4+reloaded1-4 to 2.7.4+reloaded2-1 (222.6 KiB)
gosa (2.7.4+reloaded1-4) unstable; urgency=medium
* debian/patches:
+ Add 0004_RequestHeader-no-underscores-apache24.patch. Since Apache2.4:
Translation of headers to environment variables is more strict than before
to mitigate some possible cross-site-scripting attacks via header
injection. Headers containing invalid characters (including underscores)
are now silently dropped. (Closes: #753419).
-- Mike Gabriel <email address hidden> Tue, 01 Jul 2014 20:40:05 +0200
Available diffs
| Superseded in sid-release |
gosa (2.7.4+reloaded1-3) unstable; urgency=medium
* debian/patches:
+ Update patch naming scheme. See debian/patches/README.
+ Unify file name scheme in patch files.
+ Add 1002_trim_decrypt.patch. Fix decryption of LDAP master
password (which previously got encrypted with gosa-encrypt-password).
(Closes: #748065).
+ Add 0003_xss-vulnerability-on-login-screen.patch. Escape html entities
to fix xss at the login screen. (Closes: #753388).
-- Mike Gabriel <email address hidden> Tue, 01 Jul 2014 14:19:45 +0200
Available diffs
gosa (2.7.4+reloaded1-2) unstable; urgency=low
* debian/control:
+ Update Vcs-*: fields. Packaging has been moved to Alioth and is now
Git based.
+ Bump Standards: to 3.9.5. Fixed DEP-5 compliancy of debian/copyright.
* debian/copyright:
+ Make file DEP-5 compliant.
+ Add CDBS-autogenerated debian/copyright.in file for later reference.
* debian/gosa.prerm:
+ Ignore those valid prerm options that nothing has to be done for.
(Closes: #745045).
* debian/gosa.postrm:
+ Handle apache2 config symlink removal and Apache2 restarts properly
on package purging. (Closes: #744151).
* debian/gosa.postinst:
+ Only create Apache2.2 symlinks if Apache2.4 conf-available folder is
not present.
* Remove obsolete packaging files for formerly embedded bin:package smarty3.
* package scripts: Whitespace clean-up. Use tabs as indentations.
-- Mike Gabriel <email address hidden> Sun, 18 May 2014 22:44:32 +0200
Available diffs
gosa (2.7.4+reloaded1-1) unstable; urgency=low
* New maintenance team: Debian Edu Packaging Team.
* Use upstream tarballs as provided at http://oss.gonicus.de/pub/gosa/
instead of assembling them from SVN or other source. This makes
tarballs checksum stable and allows us to plainly keep the
debian/ folder in Vcs.
* debian/rules:
+ Add get-orig-source sequence.
+ Symlink default theme's fonts against fonts in
/usr/share/fonts/truetrype/liberation.
+ Install upstream Changelog into bin:packages.
* debian/control:
+ Drop deprecated field DM-Upload-Allowed.
+ Break up Depends: field items into multiple lines (makes control file
diffs easier to read).
+ Depend on fonts-liberation (rather than on transitional package
ttf-liberation). (Closes: #722358).
+ Bin:package gosa: Alternatively depend on php5-mysqlnd or php-mysql.
(Closes: #718857).
+ Bin:package gosa: Alternatively depend on libapache2-mod-php5,
php5-cgi _or_ php5-fpm. (Closes: #718859).
* debian/gosa-plugin-mail.install, debian/gosa-plugin-mail.<scripts>:
+ Install conffiles to location where they are expected by the
GOsa² WebGUI. Handle conffile moval in bin:package gracefully.
(Closes: #714922).
* debian/gosa.prerm:
+ Add file. Handle removal of symlinks created during postinst.
(Closes: #715441).
* debian/gosa.postinst:
+ Enable gosa-apache.conf appropriately with Apache2.4. Thanks to
Andreas B. Mundt for providing the necessary patch. (Closes: #717743).
* debian/source.lintian-overrides:
+ Override gosa source: debian-watch-file-is-missing. We actually have
very many watch.* files (for each of the multiple orig tarballs).
-- Mike Gabriel <email address hidden> Tue, 01 Apr 2014 19:54:34 +0200
Available diffs
gosa (2.7.4-4.4) unstable; urgency=low
* Non-maintainer upload.
* debian/patches/sasl-password-change.patch: New patch, allows for changing
user passwords as admin for sasl authentication method. (Closes: #698544)
-- Michael Banck <email address hidden> Mon, 02 Dec 2013 12:37:29 +0100
| Superseded in wheezy-release |
gosa (2.7.4-4.3~deb7u1) stable-updates; urgency=low * Upload to stable updates. -- Holger Levsen <email address hidden> Fri, 12 Jul 2013 17:09:02 +0200
gosa (2.7.4-4.3) unstable; urgency=low
* Non-maintainer upload.
* debian/patches/fix-mass-ldapimport.patch: New patch, fixes LDAP mass
import, by Giorgio Pioda and Petter Reinholdtsen. (Closes: #698840)
-- Michael Banck <email address hidden> Fri, 14 Jun 2013 10:59:37 +0200
Available diffs
- diff from 2.7.4-4.2 to 2.7.4-4.3 (1.3 KiB)
gosa (2.7.4-4.2) unstable; urgency=low
[ Jonathan Wiltshire ]
* Non-maintainer upload.
[ Vagrant Cascadian ]
* debian/gosa.postinst, debian/gosa.postrm: Only restart apache2 or lighttpd
when binary is present. (Closes: #699616)
-- Jonathan Wiltshire <email address hidden> Thu, 07 Feb 2013 20:28:29 +0000
Available diffs
- diff from 2.7.4-4.1 to 2.7.4-4.2 (721 bytes)
gosa (2.7.4-4.1) unstable; urgency=low
* Non-maintainer upload.
* debian/gosa.postinst: add a guard around a2enmod for when
gosa is installed without Apache2 (Closes: #698635)
-- Jonathan Wiltshire <email address hidden> Sun, 27 Jan 2013 14:15:17 +0000
Available diffs
- diff from 2.7.4-4 to 2.7.4-4.1 (544 bytes)
| Published in squeeze-release |
gosa (2.6.11-3+squeeze2) stable; urgency=low * Backport shellvar escaping code. Closes: #665950. -- Cajus Pollmeier <email address hidden> Mon, 09 Jul 2012 20:44:30 +0200
gosa (2.7.4-4) unstable; urgency=low
* New smarty3 package fixes problems with template loading. This
release removes the workarounds for that issue.
-- Cajus Pollmeier <email address hidden> Tue, 19 Jun 2012 09:36:39 +0200
Available diffs
- diff from 2.7.4-3 to 2.7.4-4 (2.9 KiB)
gosa (2.7.4-3) unstable; urgency=low
* Reverted Apache2 transition because it has been aborted. Closes: #674357.
* Checked if the package runs with debian packaged smarty
3.1.x. Closes: #672398.
-- Cajus Pollmeier <email address hidden> Mon, 18 Jun 2012 14:29:03 +0200
Available diffs
- diff from 2.7.4-2 to 2.7.4-3 (4.4 KiB)
gosa (2.7.4-2) unstable; urgency=low * More robustness for the postinst scripts. Closes: #673168. * Hide duplicate message of update-gosa. -- Cajus Pollmeier <email address hidden> Thu, 17 May 2012 20:29:09 +0200
Available diffs
- diff from 2.7.3-2 to 2.7.4-2 (11.5 KiB)
| Superseded in squeeze-release |
gosa (2.6.11-3+squeeze1) stable; urgency=low * Fix DHCP host removal. Closes: #650258 * Backport user generator unicode character transliteration. Closes: #657086 -- Cajus Pollmeier <email address hidden> Mon, 30 Jan 2012 09:32:09 +0100
gosa (2.7.4-1) unstable; urgency=low * New upstream release * Apache2 transition to 2.4 (Closes: #669852) * Corrected dependency of the netatalk plugin (Closes: #606980) * Corrected dependency for deprecated Switch library (Closes: #629336) * Made user id editable when applying templates (Closes: #629446) * Added a conflict for no longer supported plugins (Closes: #608918, #608920) -- Cajus Pollmeier <email address hidden> Mon, 23 Apr 2012 10:54:39 +0200
gosa (2.7.3-2) unstable; urgency=low * Fixed purge in postrm script (Closes: #664852) * Brazilian Portuguese debconf templates translation (Closes: #662178) -- Cajus Pollmeier <email address hidden> Thu, 22 Mar 2012 13:58:59 +0100
Available diffs
- diff from 2.7.2-1 (in Ubuntu) to 2.7.3-2 (15.7 KiB)
gosa (2.7.3-1) unstable; urgency=low * New upstream release * Maintain DHCP information correctly (Closes: #650258) -- Cajus Pollmeier <email address hidden> Mon, 23 Jan 2012 09:07:40 +0100
gosa (2.7.2-1) unstable; urgency=low * New upstream release * Added danish template translation (Closes: #628223) * Removed extra spurious Czech translation file (Closes: #624209) * Upstream has followed the whishlist bug (Closes: #629315) * Fixed an incorrect warning issue (Closes: #629318) -- Cajus Pollmeier <email address hidden> Tue, 25 Oct 2011 13:48:03 +0200
gosa (2.7.1-1) unstable; urgency=low * New upstream release * Updated packaging to not include smarty (Closes: #620489) * Fixed case of POSIX (Closes: #620486) -- Cajus Pollmeier <email address hidden> Mon, 04 Oct 2010 10:45:44 +0200
gosa (2.6.11-3) unstable; urgency=low * Don't install gosa-core/contrib/desktoprc to /etc/gosa/desktoprc of gosa-desktop package, as it is rewritten during configuration anyway (Closes: #603426) * Remove acl debug code (Closes: #603421) * Correct typo error in contentcsv.tpl (Closes: #604745) * Correct gosa 2.6 & assigned acl role to group -- Benoit Mortier <email address hidden> Sun, 05 Dec 2010 13:01:13 +0100
gosa (2.6.11-2) unstable; urgency=low * Corrected wrong dirs on gosa-plugin-mail * Corrected wrong dirs on gosa-plugin-gofon * Added missing scripts in gosa-dev package * Added missing README.squid to gosa-plugin-squid package * Added patch for security in using gosa hook for password * package explicitly depends on preform MPM (Closes: #591043) * default config refers to missing FCGIWrapper (Closes: #591046) -- Benoit Mortier <email address hidden> Sun, 17 Oct 2010 16:00:00 +0200
gosa (2.6.11-1) unstable; urgency=low
* Samba schema file is incompatible with Samba shipped with lenny
(Closes: #582899)
* package explicitly depends on preform MPM (Closes: #591043)
* default config refers to missing FCGIWrapper (Closes: #591046)
-- Benoit Mortier <email address hidden> Fri, 13 Aug 2010 11:00:29 +0200
gosa (2.6.10-2) unstable; urgency=low
* Removed faulty patch due to 3.0 source conversion
* Prevented /usr/share/doc/gosa.conf to be compressed
to make setup configuration file saving work again
-- Benoit Mortier <email address hidden> Tue, 27 Jul 2010 18:49:07 +0200
gosa (2.6.10-1) unstable; urgency=low
[ Cajus Pollmeier ]
* New upstream release
[ Benoit Mortier ]
* Switch to dpkg-source 3.0 (quilt) format
* gosa fails with: "Fatal error: Call to undefined function
print_array() (Closes: #573220)
* GOSa fails to add IP and MAC addresses to samba created hosts
(Closes: #582896)
-- Benoit Mortier <email address hidden> Tue, 20 Jul 2010 12:48:02 +0200
| 1 → 75 of 80 results | First • Previous • Next • Last |
