From 9aa3f43160c6412a7cdc6226b4ff1e3a55f099be Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Tue, 31 May 2016 12:14:08 +0200 Subject: [PATCH] preparing 3.x.11, fixing most wheezy patch --- debian/changelog | 12 ++++++++++++ wheezy/alternc.install.diff | 14 +++++++------- wheezy/changelog.diff | 4 ++-- wheezy/control.diff | 22 ++++++++++------------ 4 files changed, 31 insertions(+), 21 deletions(-) diff --git a/debian/changelog b/debian/changelog index 6787d213..880b1f94 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +alternc (3.1.11) oldoldstable; urgency=low + + * fix This is a big security upgrade of AlternC 3.x + * added CSRF token to all forms (as much as possible) to prevent cross-site attacks + * added XSS protection to many form fields and views + * migrated the DB abstraction layer from mysql_* functions to PDO + * migrated the DB calls from addslases to prepared-queries or quotes + * fix many unix rights issues (prevents a root escalation from alterncpanel!) + * fix some little interface issues on forms + + -- Benjamin Sonntag Fri, 27 May 2016 10:36:00 +0200 + alternc (3.1.10) oldoldstable; urgency=low * fix not showing dropdown when installing second domain in some case. #28 diff --git a/wheezy/alternc.install.diff b/wheezy/alternc.install.diff index 7ef25fbd..8d7987d0 100644 --- a/wheezy/alternc.install.diff +++ b/wheezy/alternc.install.diff @@ -1,5 +1,5 @@ ---- alternc.install 2014-03-28 17:30:31.378712101 +0100 -+++ alternc.install.wheezy 2014-04-03 10:57:57.840148474 +0200 +--- alternc.install.squeeze 2016-05-27 14:25:52.239693435 +0200 ++++ alternc.install 2016-05-27 14:24:05.908974433 +0200 @@ -79,7 +79,7 @@ fi @@ -9,7 +9,7 @@ fi INSTALLED_CONFIG_TAR="/var/lib/alternc/backups/etc-installed.tar.gz" -@@ -315,7 +315,7 @@ +@@ -316,7 +316,7 @@ fi # We enable dovecot SSL certificate instructions: (on wheezy we should use a new file in /etc/dovecot/conf.d/ ) 
@@ -18,7 +18,7 @@ else # We disable proftpd tls module -@@ -324,7 +324,7 @@ +@@ -325,7 +325,7 @@ cp /etc/proftpd/modules.conf /etc/alternc/templates/proftpd/ # We disable dovecot SSL certificate instructions: (on wheezy we should remove a file in /etc/dovecot/conf.d/ ) @@ -27,7 +27,7 @@ echo "SSL not configured" echo "create a certificate in /etc/alternc/apache.pem and rerun alternc.install" -@@ -569,9 +569,11 @@ +@@ -573,9 +573,11 @@ fi fi @@ -40,5 +40,5 @@ +# Override some dovecot 2.0 configuration that may have happened during dovecot postinst: +sed -i -e 's/^ *!include/#!include/' /etc/dovecot/conf.d/10-auth.conf - # Changing owner of web panel's files - chown -R alterncpanel:alterncpanel "/usr/share/alternc/panel/" + # We force the re-computing of the DNS zones, since we may have changed the IP address (see #460) + /usr/bin/mysql --defaults-file="/etc/alternc/my.cnf" -B -e "update domaines set dns_action='UPDATE' WHERE gesdns=1;" diff --git a/wheezy/changelog.diff b/wheezy/changelog.diff index 16d0e474..47156ff7 100644 --- a/wheezy/changelog.diff +++ b/wheezy/changelog.diff @@ -8,6 +8,6 @@ + + -- Benjamin Sonntag Fri, 15 Jan 2016 15:26:00 +0100 + - alternc (3.1.10) oldoldstable; urgency=low + alternc (3.1.11) oldoldstable; urgency=low - * fix not showing dropdown when installing second domain in some case. #28 + * fix This is a big security upgrade of AlternC 3.x diff --git a/wheezy/control.diff b/wheezy/control.diff index d3eb2602..ca62e43a 100644 --- a/wheezy/control.diff +++ b/wheezy/control.diff @@ -1,6 +1,6 @@ ---- control.squeeze 2014-09-29 16:44:01.334940844 +0200 -+++ control 2014-09-29 16:31:44.088155733 +0200 -@@ -39,15 +39,18 @@ +--- control.squeeze 2016-05-27 14:30:23.182580393 +0200 ++++ control 2016-05-27 14:32:08.785264702 +0200 +@@ -39,16 +39,19 @@ , adduser , mysql-client , dnsutils @@ -14,6 +14,7 @@ + , dovecot-mysql , vlogger , mailutils | mailx + , zip , incron , cron , opendkim 
@@ -22,8 +23,8 @@ + , dovecot-managesieved , mysql-client(>= 5.0) , php5-curl - Recommends: mysql-server(>= 5.0) -@@ -123,16 +126,20 @@ + , quota +@@ -124,15 +127,18 @@ , adduser , mysql-client , sudo @@ -31,7 +32,7 @@ - , dovecot-common(<< 1:2.0) - , dovecot-imapd (>= 1:1.2.15) - , dovecot-pop3d (>= 1:1.2.15) -+ , dovecot-common (>= 1:2.1.7) ++ , dovecot-common (>=1:2.1.7) + , dovecot-imapd + , dovecot-pop3d + , dovecot-mysql @@ -40,12 +41,9 @@ , incron , cron , opendkim -- , mysql-client(>= 5.0) + , opendkim-tools -+ , dovecot-managesieved + , dovecot-sieve -+ , dovecot-mysql -+ , mysql-client(>= 5.0) ++ , dovecot-managesieved + , mysql-client(>= 5.0) , php5-curl - Recommends: - quota + , ${misc:Depends}
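Review bot: The rewritten dependency line in the `@@ -31,7 +32,7 @@` hunk of wheezy/control.diff, `dovecot-common (>=1:2.1.7)`, drops the space after the relation operator that the line it replaces and the neighbouring `mysql-client(>= 5.0)` entries both have. dpkg accepts either spelling, so this is a point of style only, but keeping `+ , dovecot-common (>= 1:2.1.7)` leaves the stanza consistent and easier to search. The refreshed timestamps in the patch header suggest the file was regenerated from a wheezy control file, so the spelling probably needs correcting there and the diff regenerating, rather than editing this patch by hand.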