diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 3cdd1c6d3d995cb0ac3ccd0b781eaceeb135ac3e..e87952283fa73b8f024e84775a684c19d4cdbfd2 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,5 +1,10 @@
 // $Id$
 
+Drupal 5.18, 2009-05-13
+-----------------------
+- Fixed security issues (Cross site scripting), see SA-CORE-2009-006.
+- Fixed a variety of small bugs.
+
 Drupal 5.17, 2009-04-29
 -----------------------
 - Fixed security issues (Cross site scripting and limited information
diff --git a/includes/theme.inc b/includes/theme.inc
index 2047311c2c69d969502c14b6bf2213ff6d8dd8a8..07aed1d0147b95d125d5afd4098ae2900ff152dd 100644
--- a/includes/theme.inc
+++ b/includes/theme.inc
@@ -170,7 +170,7 @@ function theme() {
   if ($functions[$function]) {
     $output = call_user_func_array($functions[$function], $args);
     // Add final markup to the full page.
-    if ($function == 'page') {
+    if ($function == 'page' || $function == 'book_export_html') {
       $output = drupal_final_markup($output);
     }
     return $output;
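Review bot: The condition in theme() now hard-codes a second theme function name, so any other theme function that returns a complete HTML document still skips drupal_final_markup(), and the comment above it still describes only "the full page". drupal_final_markup() is not shown here, but if it is the step that places the charset declaration ahead of user-supplied text, as the changelog entry suggests, every omitted full-document function stays exposed to the same class of cross-site scripting issue. Consider keeping the names in one list, `if (in_array($function, array('page', 'book_export_html'))) {`, and rewording the comment to `// Add final markup to every theme function that emits a complete HTML document.` theme() starts and ends outside this hunk.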
diff --git a/modules/book/book.module b/modules/book/book.module
index 408e7772e3139f6c719da74cbad62c27092dcda0..e2b4b4b91683711ca2f33392f8454c6191c03c50 100644
--- a/modules/book/book.module
+++ b/modules/book/book.module
@@ -702,8 +702,9 @@ function theme_book_export_html($title, $content) {
   global $base_url;
   $html = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
   $html .= '<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">';
-  $html .= "<head>\n<title>". $title ."</title>\n";
+  $html .= "\n<head>\n";
   $html .= '<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />';
+  $html .= "\n<title>". $title ."</title>\n";
   $html .= '<base href="'. $base_url .'/" />' . "\n";
   $html .= "<style type=\"text/css\">\n@import url(misc/print.css);\n</style>\n";
   $html .= "</head>\n<body>\n". $content ."\n</body>\n</html>\n";
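Review bot: The reordering in theme_book_export_html() carries no comment explaining why the Content-Type meta tag must come before the title, so a later cleanup could move the title back up and undo the fix. I would add above the meta line `// Declare the charset before any user-supplied text so the browser cannot guess a different encoding for the title.` The hunk also concatenates `$title` and `$base_url` into markup without escaping; presumably callers pass an already escaped title, and the function's doc block should state that requirement. Since theme() in this commit also routes this function's output through drupal_final_markup(), check that the exported document does not end up with two charset declarations. The function continues past the end of the hunk.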
diff --git a/modules/system/system.module b/modules/system/system.module
index e3ebca66dafcfbf24194040dc550987da84424dd..922828753b66bf12943603ddd78517f490bbbadb 100644
--- a/modules/system/system.module
+++ b/modules/system/system.module
@@ -6,7 +6,7 @@
  * Configuration system that lets administrators modify the workings of the site.
  */
 
-define('VERSION', '5.17');
+define('VERSION', '5.18');
 
 /**
  * Implementation of hook_help().
diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module
index 13ab534f82379074ad4371da82fb351b1c48eaab..4478e066b328f9c62fc1510f15c1b267f12ad6f5 100644
--- a/modules/taxonomy/taxonomy.module
+++ b/modules/taxonomy/taxonomy.module
@@ -621,7 +621,7 @@ function taxonomy_term_confirm_delete_submit($form_id, $form_values) {
  */
 function taxonomy_form($vid, $value = 0, $help = NULL, $name = 'taxonomy') {
   $vocabulary = taxonomy_get_vocabulary($vid);
-  $help = ($help) ? $help : $vocabulary->help;
+  $help = ($help) ? $help : filter_xss_admin($vocabulary->help);
 
   if (!$vocabulary->multiple) {
     $blank = ($vocabulary->required) ? t('- Please choose -') : t('- None selected -');
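Review bot: In taxonomy_form() only the fallback branch is filtered, so a caller-supplied `$help` is still used as given and presumably reaches the rendered form unfiltered. Sanitising is now split between this function and its callers: the second and third hunks filter inside taxonomy_form_alter(), the third before passing the value in. Filtering once at the point of use would cover every caller, including ones outside this file: `$help = filter_xss_admin(($help) ? $help : $vocabulary->help);`. That would also strip markup from help text that a caller passes deliberately, so confirm nothing depends on it, or else document on taxonomy_form() that `$help` must already be safe HTML. The function body continues outside the hunk.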
@@ -718,7 +718,7 @@ function taxonomy_form_alter($form_id, &$form) {
         $typed_string = implode(', ', $typed_terms) . (array_key_exists('tags', $terms) ? $terms['tags'][$vocabulary->vid] : NULL);
 
         if ($vocabulary->help) {
-          $help = $vocabulary->help;
+          $help = filter_xss_admin($vocabulary->help);
         }
         else {
           $help = t('A comma-separated list of terms describing this content. Example: funny, bungee jumping, "Company, Inc.".');
@@ -741,7 +741,7 @@ function taxonomy_form_alter($form_id, &$form) {
             $default_terms[$term->tid] = $term;
           }
         }
-        $form['taxonomy'][$vocabulary->vid] = taxonomy_form($vocabulary->vid, array_keys($default_terms), $vocabulary->help);
+        $form['taxonomy'][$vocabulary->vid] = taxonomy_form($vocabulary->vid, array_keys($default_terms), filter_xss_admin($vocabulary->help));
         $form['taxonomy'][$vocabulary->vid]['#weight'] = $vocabulary->weight;
         $form['taxonomy'][$vocabulary->vid]['#required'] = $vocabulary->required;
       }