27d21f84b6
ChangeLog: https://github.com/roundcube/roundcubemail/releases/tag/1.4.11
Most notably is the fix of a XSS vulnerability which allowed an attacker
to inject malicious code via CSS's `content'-property from an email[1].
[1] 9dc276d5f2
35 lines
959 B
Nix
35 lines
959 B
Nix
{ fetchurl, lib, stdenv, buildEnv, roundcube, roundcubePlugins }:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "roundcube";
|
|
version = "1.4.11";
|
|
|
|
src = fetchurl {
|
|
url = "https://github.com/roundcube/roundcubemail/releases/download/${version}/roundcubemail-${version}-complete.tar.gz";
|
|
sha256 = "sha256-rHMZBwwwX8LIjHcjYFVi2GBwMHMr7ukxzbQJHPBeabc=";
|
|
};
|
|
|
|
patches = [ ./0001-Don-t-resolve-symlinks-when-trying-to-find-INSTALL_P.patch ];
|
|
|
|
dontBuild = true;
|
|
|
|
installPhase = ''
|
|
mkdir $out
|
|
cp -r * $out/
|
|
ln -sf /etc/roundcube/config.inc.php $out/config/config.inc.php
|
|
rm -rf $out/installer
|
|
'';
|
|
|
|
passthru.withPlugins = f: buildEnv {
|
|
name = "${roundcube.name}-with-plugins";
|
|
paths = (f roundcubePlugins) ++ [ roundcube ];
|
|
};
|
|
|
|
meta = {
|
|
description = "Open Source Webmail Software";
|
|
maintainers = with lib.maintainers; [ vskilet globin ma27 ];
|
|
license = lib.licenses.gpl3;
|
|
platforms = lib.platforms.all;
|
|
};
|
|
}
|