Index: head/www/apache20/files/patch-secfix-CAN-2005-3352
===================================================================
--- head/www/apache20/files/patch-secfix-CAN-2005-3352	(revision 161034)
+++ head/www/apache20/files/patch-secfix-CAN-2005-3352	(nonexistent)
@@ -1,35 +0,0 @@
---- modules/mappers/mod_imap.c (original)
-+++ modules/mappers/mod_imap.c Mon Dec 12 08:41:53 2005
-@@ -342,7 +342,7 @@
-     if (!strcasecmp(value, "referer")) {
-         referer = apr_table_get(r->headers_in, "Referer");
-         if (referer && *referer) {
--	    return apr_pstrdup(r->pool, referer);
-+	    return ap_escape_html(r->pool, referer);
-         }
-         else {
- 	    /* XXX:  This used to do *value = '\0'; ... which is totally bogus
-
---- server/util.c (original)
-+++ server/util.c Mon Dec 12 08:41:53 2005
-@@ -1762,6 +1762,8 @@
-             j += 3;
-         else if (s[i] == '&')
-             j += 4;
-+        else if (s[i] == '"')
-+            j += 5;
- 
-     if (j == 0)
-         return apr_pstrmemdup(p, s, i);
-@@ -1779,6 +1781,10 @@
-         else if (s[i] == '&') {
-             memcpy(&x[j], "&", 5);
-             j += 4;
-+        }
-+        else if (s[i] == '"') {
-+            memcpy(&x[j], """, 6);
-+            j += 5;
-         }
-         else
-             x[j] = s[i];
-

Property changes on: head/www/apache20/files/patch-secfix-CAN-2005-3352
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.1
\ No newline at end of property
Deleted: fbsd:nokeywords
## -1 +0,0 ##
-yes
\ No newline at end of property