List: squirrelmail-cvs
Subject: [SM-CVS] SF.net SVN: squirrelmail:[14122] trunk/squirrelmail
From: pdontthink () users ! sourceforge ! net
Date: 2011-07-12 4:59:12
Message-ID: E1QgV3w-0003IG-Tb () sfp-svn-4 ! v30 ! ch3 ! sourceforge ! com
Revision: 14122
http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=14122&view=rev
Author: pdontthink
Date: 2011-07-12 04:59:12 +0000 (Tue, 12 Jul 2011)
Log Message:
-----------
Fix XSS problem with unsanitized style tags in messages [CVE-2011-2023]
Modified Paths:
--------------
trunk/squirrelmail/doc/ChangeLog
trunk/squirrelmail/functions/mime.php
Modified: trunk/squirrelmail/doc/ChangeLog
===================================================================
--- trunk/squirrelmail/doc/ChangeLog 2011-07-12 04:53:35 UTC (rev 14121)
+++ trunk/squirrelmail/doc/ChangeLog 2011-07-12 04:59:12 UTC (rev 14122)
@@ -365,6 +365,7 @@
- Fixed XSS holes in generic options inputs, XSS hole in the SquirrelSpell
plugin, and added anti-CSRF protection to the empty trash feature (thanks
to Nicholas Carlini for finding all these issues). [CVE-2010-4555]
+ - Fixed XSS problem with unsanitized style tags in messages. [CVE-2011-2023]
Version 1.5.1 (branched on 2006-02-12)
--------------------------------------
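Review bot: the new ChangeLog line says "unsanitized style tags", but the accompanying change in functions/mime.php runs sq_fixatts over the attribute array of the style tag before it is printed, i.e. it sanitizes the tag's attributes rather than the tag itself; consider wording the entry as "unsanitized attributes on style tags in messages" so it matches what the fix does. The entry also lands in the block above the "Version 1.5.1 (branched on 2006-02-12)" header, so confirm that is the intended release section for this CVE.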
Modified: trunk/squirrelmail/functions/mime.php
===================================================================
--- trunk/squirrelmail/functions/mime.php 2011-07-12 04:53:35 UTC (rev 14121)
+++ trunk/squirrelmail/functions/mime.php 2011-07-12 04:59:12 UTC (rev 14122)
@@ -2350,6 +2350,15 @@
list($free_content, $curpos) =
sq_fixstyle($body, $gt+1, $message, $id, $mailbox);
if ($free_content != FALSE){
+ $attary = sq_fixatts($tagname,
+ $attary,
+ $rm_attnames,
+ $bad_attvals,
+ $add_attr_to_tag,
+ $message,
+ $id,
+ $mailbox
+ );
$trusted .= sq_tagprint($tagname, $attary, $tagtype);
$trusted .= $free_content;
$trusted .= sq_tagprint($tagname, false, 2);
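Review bot: the added sq_fixatts call only runs inside the `if ($free_content != FALSE)` branch. Because that is a loose comparison, a style body that sq_fixstyle returns as an empty string (or "0") will be treated the same as FALSE and take the other branch, which is outside this hunk and so is not shown to get the same attribute sanitization; either change the test to `$free_content !== FALSE` or make sure the other branch also passes `$attary` through sq_fixatts before anything is appended to `$trusted`. Note also that `$rm_attnames`, `$bad_attvals` and `$add_attr_to_tag` are assumed to be in scope here but are not visible in the context lines; a short comment above the call saying they come from the enclosing sanitizer's rule set would help the next reader.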
squirrelmail-cvs mailing list
List address: squirrelmail-cvs@lists.sourceforge.net
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-cvs
Repository: http://squirrelmail.org/svn