Oops I forgot to "cvs rm" a secfix

Spotted by: krion
svn path=/head/; revision=161035
2006-05-01 11:33:17 +00:00 · 2006-05-01 11:33:17 +00:00 · 98d01ce7d2 · 2021-03-31 03:12:20 +00:00
commit 98d01ce7d2
parent e14dc2f144
1 changed files with 0 additions and 35 deletions
--- a/www/apache20/files/patch-secfix-CAN-2005-3352
+++ b/www/apache20/files/patch-secfix-CAN-2005-3352
@ -1,35 +0,0 @@
--- modules/mappers/mod_imap.c (original)
-+++ modules/mappers/mod_imap.c Mon Dec 12 08:41:53 2005
-@@ -342,7 +342,7 @@
-     if (!strcasecmp(value, "referer")) {
-         referer = apr_table_get(r->headers_in, "Referer");
-         if (referer && *referer) {
-	    return apr_pstrdup(r->pool, referer);
-+	    return ap_escape_html(r->pool, referer);
-         }
-         else {
- 	    /* XXX:  This used to do *value = '\0'; ... which is totally bogus
-
--- server/util.c (original)
-+++ server/util.c Mon Dec 12 08:41:53 2005
-@@ -1762,6 +1762,8 @@
-             j += 3;
-         else if (s[i] == '&')
-             j += 4;
-+        else if (s[i] == '"')
-+            j += 5;
- 
-     if (j == 0)
-         return apr_pstrmemdup(p, s, i);
-@@ -1779,6 +1781,10 @@
-         else if (s[i] == '&') {
-             memcpy(&x[j], "&amp;", 5);
-             j += 4;
-+        }
-+        else if (s[i] == '"') {
-+            memcpy(&x[j], "&quot;", 6);
-+            j += 5;
-         }
-         else
-             x[j] = s[i];
-