Red Hat Bugzilla – Bug 85689
Squirrelmail xss patch from latetst errrata causes parse error
Last modified: 2007-04-18 12:51:52 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130
Description of problem:
Line 308 of the xss-patch has a parse error after being applied. The offending
line of the patch is:
+ $filename = 'untitled' . strip_tags($passed_ent_id) .$suffix);
which obviously won't parse by php.
Change line in patch to:
+ $filename = 'untitled' . strip_tags($passed_ent_id) . $suffix;
rebuild RPM and re-install.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install new squirrel mail RPM
2. Try to download an attachemnt
3. Parse error in download.php - this was caused by the xss patch.
Found Bug 82600 that appears to be the same as this one. It says it was fixed in
1.2.10-4, yet errata release (RHSA-2003:042-07) has 1.2.10-1.
1.2.10-4 is in Rawhide.
*** This bug has been marked as a duplicate of 82600 ***