diff -up squirrelmail-1.4.8/functions/mime.php.CVE-2011-2023 squirrelmail-1.4.8/functions/mime.php
--- squirrelmail-1.4.8/functions/mime.php.CVE-2011-2023 2011-09-14 16:54:02.734818366 +0200
+++ squirrelmail-1.4.8/functions/mime.php 2011-09-14 16:55:21.590480575 +0200
@@ -2092,6 +2092,15 @@ function sq_sanitize($body,
list($free_content, $curpos) =
sq_fixstyle($body, $gt+1, $message, $id, $mailbox);
if ($free_content != FALSE){
+ $attary = sq_fixatts($tagname,
+ $attary,
+ $rm_attnames,
+ $bad_attvals,
+ $add_attr_to_tag,
+ $message,
+ $id,
+ $mailbox
+ );
$trusted .= sq_tagprint($tagname, $attary, $tagtype);
$trusted .= $free_content;
$trusted .= sq_tagprint($tagname, false, 2);
@@ -2496,4 +2505,4 @@ function SendDownloadHeaders($type0, $ty
} // end fn SendDownloadHeaders
-?>
\ No newline at end of file
+?>
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
990dbf0cedc5e7df39833eaf1ef25821
>
files
>
20
