--- /dev/null
+
+Fix for XSS in session.use_trans_sid support: CAN-2003-0442.
+
+--- php-4.2.2/ext/session/session.c.sessid
++++ php-4.2.2/ext/session/session.c
+@@ -84,7 +84,9 @@
+ static void php_session_output_handler(char *output, uint output_len, char **handled_output, uint *handled_output_len, int mode TSRMLS_DC)
+ {
+ if ((PS(session_status) == php_session_active)) {
+- *handled_output = url_adapt_ext_ex(output, output_len, PS(session_name), PS(id), handled_output_len, (zend_bool) (mode&PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
++ char *encoded = php_url_encode(PS(id), strlen(PS(id)), NULL);
++ *handled_output = url_adapt_ext_ex(output, output_len, PS(session_name), encoded, handled_output_len, (zend_bool) (mode&PHP_OUTPUT_HANDLER_END ? 1 : 0) TSRMLS_CC);
++ efree(encoded);
+ } else {
+ *handled_output = NULL;
+ }
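Review bot: The `php_url_encode` line encodes PS(id) only at this one emission point, so any other place that writes PS(id) into a URL or markup is not covered by this change; validating the session id against its expected character set when it is accepted (before it is stored into PS(id)) would make the encoding here defense in depth rather than the sole guard. `strlen(PS(id))` also assumes PS(id) is non-NULL whenever session_status is php_session_active, which looks like the pre-existing contract of this branch but deserves a comment such as `/* PS(id) is set once the session is active; encode it so a crafted id cannot inject markup into the rewritten output */`. Freeing `encoded` immediately after `url_adapt_ext_ex` returns is only safe if that function copies the id into the output buffer rather than retaining the pointer — presumably it does, but confirm. php_session_output_handler's closing brace is outside the hunk.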