Security fix for bug #70739.

4 files changed, 28 insertions, 18 deletions

diff --git a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1 b/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1
deleted file mode 100644
index c86a8c4e0913..000000000000
--- a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1
+++ /dev/null
@@ -1,9 +0,0 @@
-MD5 5c02d4f11c984b9354f0f02ccbecae2e squirrelmail-1.4.3-RC1.tar.bz2 2248976
-MD5 dfe469f7ab473fd2292b30800e3141d5 retrieveuserdata.0.9-1.4.0.tar.gz 10448
-MD5 049c46507ef161ad4ba5f4d4a0b96d09 compatibility-1.3.tar.gz 5966
-MD5 73d2c111579e2fad17c289f62e0be855 secure_login-1.2-1.2.8.tar.gz 6361
-MD5 a14a46388ed710a81c356d69276844c1 show_ssl_link-2.1-1.2.8.tar.gz 5950
-MD5 c321d0f7efa624f6bc3f3a4d1bf08782 admin_add.0.1-1.4.0.tar.gz 2388
-MD5 e68481acab96c17f02cb397762d8959e virus_scan.0.5-1.4.0.tar.gz 25179
-MD5 88f80922e2a060f5277fd2192404efab gpg.2.0.1-1.4.2.tar.gz 383592
-MD5 c836661e8360358b94df4e153e449b2c ldapuserdata-0.4.tar.gz 67439
diff --git a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1-r1 b/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1-r1
deleted file mode 100644
index c86a8c4e0913..000000000000
--- a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3_rc1-r1
+++ /dev/null
@@ -1,9 +0,0 @@
-MD5 5c02d4f11c984b9354f0f02ccbecae2e squirrelmail-1.4.3-RC1.tar.bz2 2248976
-MD5 dfe469f7ab473fd2292b30800e3141d5 retrieveuserdata.0.9-1.4.0.tar.gz 10448
-MD5 049c46507ef161ad4ba5f4d4a0b96d09 compatibility-1.3.tar.gz 5966
-MD5 73d2c111579e2fad17c289f62e0be855 secure_login-1.2-1.2.8.tar.gz 6361
-MD5 a14a46388ed710a81c356d69276844c1 show_ssl_link-2.1-1.2.8.tar.gz 5950
-MD5 c321d0f7efa624f6bc3f3a4d1bf08782 admin_add.0.1-1.4.0.tar.gz 2388
-MD5 e68481acab96c17f02cb397762d8959e virus_scan.0.5-1.4.0.tar.gz 25179
-MD5 88f80922e2a060f5277fd2192404efab gpg.2.0.1-1.4.2.tar.gz 383592
-MD5 c836661e8360358b94df4e153e449b2c ldapuserdata-0.4.tar.gz 67439
diff --git a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3a-r1 b/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3a-r2
index a4ebb31682f2..a4ebb31682f2 100644
--- a/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3a-r1
+++ b/mail-client/squirrelmail/files/digest-squirrelmail-1.4.3a-r2
diff --git a/mail-client/squirrelmail/files/squirrelmail-1.4.3a-xss.patch b/mail-client/squirrelmail/files/squirrelmail-1.4.3a-xss.patch
new file mode 100644
index 000000000000..7786892d2f4b
--- /dev/null
+++ b/mail-client/squirrelmail/files/squirrelmail-1.4.3a-xss.patch
@@ -0,0 +1,28 @@
+diff -urN functions/mime.php functions/mime.php
+--- functions/mime.php	2004-05-23 19:14:11.000000000 +0300
++++ functions/mime.php	2004-11-03 19:16:50.000000000 +0200
+@@ -602,13 +602,22 @@
+             }
+             $iLastMatch = $i;
+             $j = $i;
+-            $ret .= $res[1];
++            if ($htmlsave) {
++                $ret .= htmlspecialchars($res[1]);
++            } else {
++                $ret .= $res[1];
++            }
+             $encoding = ucfirst($res[3]);
+             switch ($encoding)
+             {
+             case 'B':
+                 $replace = base64_decode($res[4]);
+-                $ret .= charset_decode($res[2],$replace);
++                if ($utfencode) {
++                    $replace = charset_decode($res[2],$replace);
++                } elseif ($htmlsave) {
++                    $replace = htmlspecialchars($replace);
++                }
++                $ret .= $replace;
+                 break;
+             case 'Q':
+                 $replace = str_replace('_', ' ', $res[4]);