diff options
| author | martti <martti@pkgsrc.org> | 2004-11-16 14:18:01 +0000 |
|---|---|---|
| committer | martti <martti@pkgsrc.org> | 2004-11-16 14:18:01 +0000 |
| commit | 914bc2a8a8a2b48b8b5178bad6f673a377147df5 (patch) | |
| tree | 3d802fd5bdce8c93f4de5c2091aa816c77569c01 /mail/squirrelmail/patches | |
| parent | e5549532e2cfb126e5dbd05a7a7cb5192ece2c9b (diff) | |
| download | pkgsrc-914bc2a8a8a2b48b8b5178bad6f673a377147df5.tar.gz | |
Updated squirrelmail to 1.4.3anb1 (pkg/28328 by IYODA Atsushi)
There is a cross site scripting issue in the decoding of encoded text
in certain headers. SquirrelMail correctly decodes the specially
crafted header, but doesn't sanitize the decoded strings.
http://article.gmane.org/gmane.mail.squirrelmail.user/21169
Diffstat (limited to 'mail/squirrelmail/patches')
| -rw-r--r-- | mail/squirrelmail/patches/patch-aa | 2 | ||||
| -rw-r--r-- | mail/squirrelmail/patches/patch-ab | 30 |
2 files changed, 32 insertions, 0 deletions
diff --git a/mail/squirrelmail/patches/patch-aa b/mail/squirrelmail/patches/patch-aa index 1934fe2b5d8..2cd801f7e71 100644 --- a/mail/squirrelmail/patches/patch-aa +++ b/mail/squirrelmail/patches/patch-aa @@ -1,3 +1,5 @@ +$NetBSD: patch-aa,v 1.8 2004/11/16 14:18:01 martti Exp $ + --- config/config_default.php.orig 2004-04-21 20:21:54.000000000 +0300 +++ config/config_default.php 2004-05-31 21:32:43.000000000 +0300 @@ -383,7 +383,7 @@ diff --git a/mail/squirrelmail/patches/patch-ab b/mail/squirrelmail/patches/patch-ab new file mode 100644 index 00000000000..b1de49d39b0 --- /dev/null +++ b/mail/squirrelmail/patches/patch-ab @@ -0,0 +1,30 @@ +$NetBSD: patch-ab,v 1.6 2004/11/16 14:18:01 martti Exp $ + +diff -urN functions/mime.php functions/mime.php +--- functions/mime.php 2004-05-23 19:14:11.000000000 +0300 ++++ functions/mime.php 2004-11-03 19:16:50.000000000 +0200 +@@ -602,13 +602,22 @@ + } + $iLastMatch = $i; + $j = $i; +- $ret .= $res[1]; ++ if ($htmlsave) { ++ $ret .= htmlspecialchars($res[1]); ++ } else { ++ $ret .= $res[1]; ++ } + $encoding = ucfirst($res[3]); + switch ($encoding) + { + case 'B': + $replace = base64_decode($res[4]); +- $ret .= charset_decode($res[2],$replace); ++ if ($utfencode) { ++ $replace = charset_decode($res[2],$replace); ++ } elseif ($htmlsave) { ++ $replace = htmlspecialchars($replace); ++ } ++ $ret .= $replace; + break; + case 'Q': + $replace = str_replace('_', ' ', $res[4]); |