Roundcube 1.4.5 has been released. It's a bug fix release that addresses some security issues. These usually work by just renaming the existing ebuild. Announcement: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12 Changelog: https://github.com/roundcube/roundcubemail/releases/tag/1.4.5 Reproducible: Always
*** Bug 726948 has been marked as a duplicate of this bug. ***
"Roundcube 1.3.12 has been released. It's a bug fix release that addresses some security issues. These usually work by just renaming the existing ebuild. Announcement: https://roundcube.net/news/2020/06/02/security-updates-1.4.5-and-1.3.12 Changelog: https://github.com/roundcube/roundcubemail/releases/tag/1.3.12 Reproducible: Always" Would you mind doing a PR for that too, or are we just going to kill off that series?
> Would you mind doing a PR for that too, or are we just going to kill off that series? I don't run the 1.3.x line on my machine, so I wouldn't be able to test it. And I wouldn't feel right putting forth a PR I haven't tested. (Although, again, 98% just renaming the old ebuild has worked and that's likely to be the case here.) I don't have any insight into if users are sticking to 1.3.x for a reason, or if they just haven't been cleaned up yet. That'd be titanofold's call as maintainer, I'd expect. (Perhaps masking the 1.3.x ebuilds to see if anyone complains would be a way to confirm if they're being used?)
Just a heads up there's an installer regression in 1.4.5 & 1.3.12, so they've released new versions with the single fix: https://roundcube.net/news/2020/06/07/updates-1.4.6-and-1.3.13-released
roundcube-1.4.6 just got added to the tree[1]. 1.4.6 is just 1.4.5 plus fixing the installer check that 1.4.5 broke, so one might consider acting on that version rather than 1.4.5 directly re:stabilization, etc. [1] See bug #727534.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=637bca0e8feef63e8d6578d81bf342ac1d8e1e65 commit 637bca0e8feef63e8d6578d81bf342ac1d8e1e65 Author: Aaron W. Swenson <titanofold@gentoo.org> AuthorDate: 2020-07-23 20:31:54 +0000 Commit: Aaron W. Swenson <titanofold@gentoo.org> CommitDate: 2020-07-23 20:39:56 +0000 mail-client/roundcube: Cleanup Bug: https://bugs.gentoo.org/720876 Bug: https://bugs.gentoo.org/726944 Closes: https://bugs.gentoo.org/705388 Package-Manager: Portage-2.3.99, Repoman-2.3.23 Signed-off-by: Aaron W. Swenson <titanofold@gentoo.org> mail-client/roundcube/Manifest | 7 -- mail-client/roundcube/roundcube-1.3.10.ebuild | 96 --------------------------- mail-client/roundcube/roundcube-1.3.8.ebuild | 96 --------------------------- mail-client/roundcube/roundcube-1.3.9.ebuild | 96 --------------------------- mail-client/roundcube/roundcube-1.4.0.ebuild | 73 -------------------- mail-client/roundcube/roundcube-1.4.1.ebuild | 73 -------------------- mail-client/roundcube/roundcube-1.4.2.ebuild | 73 -------------------- mail-client/roundcube/roundcube-1.4.3.ebuild | 73 -------------------- 8 files changed, 587 deletions(-)
Seems like we should be stabilising 1.4.6?
amd64 stable. arm, ppc{,64}, sparc, x86 stable by ALLARCHES. Please cleanup.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=459a41c99baf3612d50ae11d0a66dd871e9e9e97 commit 459a41c99baf3612d50ae11d0a66dd871e9e9e97 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-07-29 00:19:25 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-07-29 00:19:38 +0000 mail-client/roundcube: security cleanup Bug: https://bugs.gentoo.org/726944 Package-Manager: Portage-3.0.1, Repoman-2.3.23 Signed-off-by: Sam James <sam@gentoo.org> mail-client/roundcube/Manifest | 2 - .../roundcube-1.3.7-pear-removed-installed.json | 226 --------------------- mail-client/roundcube/metadata.xml | 3 - mail-client/roundcube/roundcube-1.3.11.ebuild | 97 --------- mail-client/roundcube/roundcube-1.4.4.ebuild | 73 ------- 5 files changed, 401 deletions(-)