From cade17f7770b6a77d46a43693045de6eb448d572 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Mon, 19 Sep 2016 15:26:33 +0000 Subject: [PATCH 1/4] update CHANGELOG.TXT: - add section about 3.0.1 Debian packages - import 2.3.8 CHANGELOG section from 2.3 branch git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1871 a1433add-5e2c-0410-b055-b7f2511e0802 --- CHANGELOG.TXT | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/CHANGELOG.TXT b/CHANGELOG.TXT index 1a612501..60df8eac 100644 --- a/CHANGELOG.TXT +++ b/CHANGELOG.TXT @@ -9,6 +9,12 @@ # Last update: # $Id$ +Version 3.0.1 - 2016/09/19 - SVN r1870 +------------------------------------------------- + + - add missing Smarty files to Debian package + (no changes to PostfixAdmin, therefore only released as Debian packages) + Version 3.0 - 2016/09/11 - SVN r1861 ------------------------------------------------- 
@@ -452,8 +458,21 @@ Version 3.0 beta1 (2.91) - 2014/05/06 - SVN r1670 - postfixadmin.docs: removed redundant changelog file - debian/postfixadmin.postrm: Call wwwconfig scripts only if they are existing +Version 2.3.8 - 2015/10/07 - SVN r1814 (postfixadmin-2.3 branch) +---------------------------------------------------------------- + + - fix query to enable/disable alias in edit-mailbox for PostgreSQL (#311) + - don't prefill username in users/ login on failed logins - fixes (probably + harmless) XSS + - fix show_gen_status() to properly escape mail addresses in query (#356) + - fix escaping in create-admin, create-mailbox and fetchmail templates - + fixes (harmless) XSS on form validation errors + - don't echo the password back to the browser in the fetchmail form + - allow MariaDB in Debian package dependencies + Version 2.3.7 - 2014/02/20 - SVN r1651 (postfixadmin-2.3 branch) ---------------------------------------------------------------- + - SECURITY: fix SQL injection in show_gen_status() - lt.lang, da.lang translation update - when enabling/disabling a mailbox, also update the corresponding alias From f77309fd62ab96e92ded9724a9823c3894081bae Mon Sep 17 00:00:00 2001 From: David Goodwin Date: Thu, 22 Sep 2016 04:30:45 +0000 Subject: [PATCH 2/4] try and improve debian dependencies - see https://sourceforge.net/p/postfixadmin/bugs/382/ git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1872 a1433add-5e2c-0410-b055-b7f2511e0802 --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 861cf7cf..50659f22 100644 --- a/debian/control +++ b/debian/control 
@@ -11,7 +11,7 @@ Homepage: http://postfixadmin.sourceforge.net Package: postfixadmin Architecture: all -Depends: debconf (>= 0.5), dbconfig-common, wwwconfig-common, apache2 | lighttpd | httpd, libapache2-mod-php | php-cgi | php, php-imap, php-mysql | php-pgsql | php-mysqlnd | php-sqlite3, mysql-client | postgresql-client, ${misc:Depends} +Depends: debconf (>= 0.5), dbconfig-common, wwwconfig-common, apache2 | lighttpd | httpd, libapache2-mod-php | php-cgi | php, php-imap | php5-imap, php-mysql | php5-mysql | php-pgsql | php-mysqlnd | php-sqlite3, mysql-client | postgresql-client, ${misc:Depends} Recommends: postfix-mysql | postfix-pgsql, virtual-mysql-server | postgresql | sqlite, zendframework, dovecot-core | courier-authlib-mysql | courier-authlib-postgresql, php-cli Description: Virtual mail hosting interface for Postfix Postfixadmin is a web interface to manage virtual users and domains From c909d4a71ef956ddb1095360167d083bb25e3f76 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Fri, 30 Sep 2016 21:12:15 +0000 Subject: [PATCH 3/4] FetchmailHandler: use a valid date as default for 'date' This fixes an invalid query when using mysql strict mode. Reported by Martin Kenney, https://sourceforge.net/p/postfixadmin/bugs/380/ git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1873 a1433add-5e2c-0410-b055-b7f2511e0802 --- model/FetchmailHandler.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/model/FetchmailHandler.php b/model/FetchmailHandler.php index e14157c6..4f14e09a 100644 --- a/model/FetchmailHandler.php +++ b/model/FetchmailHandler.php 
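Review bot: The php5 alternatives are added for only two of the PHP dependencies in the new `Depends:` line (`php-imap | php5-imap` and `php-mysql | php5-mysql`), so a php5 host that uses PostgreSQL or SQLite still has no php5 database alternative to match. Unless the php5 packages provide the unversioned names, the package manager would likely pull in a MySQL binding on such a system. Consider listing the matching alternatives too, e.g. `php-pgsql | php5-pgsql` and `php-sqlite3 | php5-sqlite`, and likewise `libapache2-mod-php | libapache2-mod-php5 | php-cgi | php5-cgi | php` for the interpreter.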
@@ -39,7 +39,7 @@ class FetchmailHandler extends PFAHandler {
 'sslfingerprint'=> pacol( $extra, $extra, $extra, 'text', 'pFetchmail_field_sslfingerprint','' ),
 'extra_options' => pacol( $extra, $extra, $extra, 'text', 'pFetchmail_field_extra_options', 'pFetchmail_desc_extra_options' ),
 'mda' => pacol( $extra, $extra, $extra, 'text', 'pFetchmail_field_mda' , 'pFetchmail_desc_mda' ),
- 'date' => pacol( 0, 0, 1, 'text', 'pFetchmail_field_date' , 'pFetchmail_desc_date' , 1 ),
+ 'date' => pacol( 0, 0, 1, 'text', 'pFetchmail_field_date' , 'pFetchmail_desc_date' , '2000-01-01' ),
 'returned_text' => pacol( 0, 0, 1, 'text', 'pFetchmail_field_returned_text', 'pFetchmail_desc_returned_text' ),
 'active' => pacol( 1, 1, 1, 'bool', 'active' , '' , 1 ),
 'created' => pacol( 0, 0, 0, 'ts', 'created' , '' ),
From 62b872491f69bda2fbe6096fbea44f9745269792 Mon Sep 17 00:00:00 2001
From: Christian Boltz
Date: Tue, 18 Oct 2016 19:49:13 +0000
Subject: [PATCH 4/4] config.inc.php: add pointers between $CONF[encrypt] = 'authlib' and $CONF[authlib_default_flavor]
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1874 a1433add-5e2c-0410-b055-b7f2511e0802
---
 config.inc.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/config.inc.php b/config.inc.php
index b95851e1..91b52a53 100644
--- a/config.inc.php
+++ b/config.inc.php
@@ -137,7 +137,7 @@ $CONF['smtp_client'] = '';
 // system = whatever you have set as your PHP system default
 // cleartext = clear text passwords (ouch!)
 // mysql_encrypt = useful for PAM integration
-// authlib = support for courier-authlib style passwords
+// authlib = support for courier-authlib style passwords - also set $CONF['authlib_default_flavor']
 // dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5
 // IMPORTANT:
 // - don't use dovecot:* methods that include the username in the hash - you won't be able to login to PostfixAdmin in this case
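Review bot: In model/FetchmailHandler.php the new default `'2000-01-01'` on the `'date'` row is an unexplained sentinel, and once stored it cannot be told apart from a real date. The commit message says it exists only to keep the query valid under MySQL strict mode, so the row should say so, e.g. `// placeholder default: must be a valid date for MySQL strict mode, not a real fetch time`. If the column allows NULL, a NULL default would express "no value yet" without inventing a date, but that depends on the schema, which is not visible here. The array this row belongs to starts and ends outside the hunk.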
@@ -146,6 +146,7 @@ $CONF['smtp_client'] = '';
 $CONF['encrypt'] = 'md5crypt';
 // In what flavor should courier-authlib style passwords be encrypted?
+// (only used if $CONF['encrypt'] == 'authlib')
 // md5 = {md5} + base64 encoded md5 hash
 // md5raw = {md5raw} + plain encoded md5 hash
 // SHA = {SHA} + base64-encoded sha1 hash
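Review bot: The added pointer line sends administrators to this flavor list without saying which flavors are reasonable to choose; the three visible in this hunk (`md5`, `md5raw`, `SHA`) are described as plain MD5 or SHA-1 digests with no salt mentioned, which offer little protection if the mailbox table is ever disclosed. Since the commit is already improving the guidance around `$CONF['encrypt'] = 'authlib'`, add a line such as `// md5, md5raw and SHA are unsalted digests - prefer a salted flavor if your courier-authlib setup supports one`. The flavor list continues outside the hunk, so a later entry may already cover this. The same guidance is relevant to the `authlib = ...` line changed in the earlier config.inc.php hunk (`@@ -137,7 +137,7`), which now points here.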