Package: roundup / 1.4.20-1.1+deb7u1

Metadata

Package Version Patches format
roundup 1.4.20-1.1+deb7u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
00_licensefiles.patch | (download)

COPYING.txt | 106 0 + 106 - 0 !
doc/license.txt | 8 0 + 8 - 0 !
2 files changed, 114 deletions(-)

---
01_separate_configuration.patch | (download)

frontends/roundup.cgi | 24 2 + 22 - 0 !
1 file changed, 2 insertions(+), 22 deletions(-)

 separate configuration

This patch makes roundup exec a Python file under
/etc/roundup, so as to comply with Debian standards
of having the configuration under /etc. At the same
time, the configuration is removed from this code,
so this enables the actual package source being
read-only.


05_roundup_server_umask.patch | (download)

roundup/scripts/roundup_server.py | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 set a sane umask

08_update_manpages.patch | (download)

share/man/man1/roundup-admin.1 | 14 11 + 3 - 0 !
share/man/man1/roundup-mailgw.1 | 35 28 + 7 - 0 !
share/man/man1/roundup-server.1 | 23 20 + 3 - 0 !
3 files changed, 59 insertions(+), 13 deletions(-)

 undocumented options now documented, and better wording

09_german_translation.patch | (download)

locale/de.po | 12 6 + 6 - 0 !
1 file changed, 6 insertions(+), 6 deletions(-)

 updated translation

11_add old detector sampes.patch | (download)

detectors/creator_resolution.py | 43 43 + 0 - 0 !
detectors/emailauditor.py | 42 42 + 0 - 0 !
detectors/newissuecopy.py | 22 22 + 0 - 0 !
3 files changed, 107 insertions(+)

 added back the old detector examples script

no integrated jquery.patch | (download)

share/roundup/templates/devel/html/jquery.js | 4376 0 + 4376 - 0 !
1 file changed, 4376 deletions(-)

---
12_manpage_hyphen_minus.patch | (download)

share/man/man1/roundup-admin.1 | 2 1 + 1 - 0 !
share/man/man1/roundup-mailgw.1 | 4 2 + 2 - 0 !
share/man/man1/roundup-server.1 | 6 3 + 3 - 0 !
3 files changed, 6 insertions(+), 6 deletions(-)

---
CVE 2014 6276.patch | (download)

share/roundup/templates/classic/schema.py | 5 4 + 1 - 0 !
share/roundup/templates/devel/schema.py | 9 7 + 2 - 0 !
share/roundup/templates/minimal/schema.py | 4 3 + 1 - 0 !
3 files changed, 14 insertions(+), 4 deletions(-)

 disclosure of user hashed passwords (cve-2014-6276)
 Security fix default user permissions
 .
 Default user permissions should not include all user attributes. We now
 limit this to the username, realname and some further attributes
 depending on the schema. Note that we no longer include the email
 addresses, depending on your installation you may want to further
 restrict this or add some attributes like ``address`` and
 ``alternate_addresses``.