Hi, Last Friday I had prepared sbjsob/sope/sogo packages to be in time for the freeze, but unfortunately Jelmer (my sponsor) didn't manage to upload them on Saturday, so I would like to ask for a freeze exception. The new packages adds hardening, a lot of bugfixes and one new feature that I think is also important to have in wheezy: the addition of more secure hash functions. Currently the SQL user backend only has unsalted MD5 and SHA1, the new version adds salting, SHA256 and SHA512. Sbjson has already been uploaded to unstable. The changes are pretty small, the new version changes two things: - It links correctly with libojbc and libgnustep-base, resulting in a correct Depends field. - It adds hardening. SOPE and SOGo have not been uploaded yet, but that will be done as soon as we get the confirmation that we can get a freeze exception. I had already backported a few patches from the development version and a few my patches have been accepted upstream, the remaing upstream changes of SOPE/SOGo 1.3.16 are (upstream combines the release announcement of both projects, and some things like the LDAP group expension needed fixes in both projects): - it's no longer possible to click the "Upload" button multiple times - allow delivery of mail with no subject, but alert the user - fixed LDAP group expansion - fixed exception when reading ACL of a deleted mailbox - fixed exception when composing a mail while the database server is down - fixed handling of all-day repeating events with exception dates - fixed Sieve filter editor when matching all messages - fixed creation of URLs (A-tag) in messages - updated Dutch, German, French translations The packaging changes for SOPE are: - Added hardening For SOGo: - Added hardening - Fix a piuparts error, do not assume deluser is available in postrm (#678099) - Suggest postgresql or mysql-server (#678047) I've attached the debdiff of the 3 sources packages, and for sogo and sope both a simpler diff between the git branches with debian patches applied and excluding the debian/patches directory. This gives a better overview of what really changed because the backporting from upstream and the merging by upstream of my patches gives a lot of noise, especially with sope. Note that the OpenChange directory, while it is part of upstream source, isn't enabled by SOGo 1.3 (it's only enabled in SOGo 2.0). Thanks, Jeroen Dekkers
Attachment:
sbjson.patch
Description: Binary data
Attachment:
sope-simple.patch
Description: Binary data
Attachment:
sope.patch
Description: Binary data
Attachment:
sogo-simple.patch
Description: Binary data
Attachment:
sogo.patch
Description: Binary data