Another XSS problem, carefully constructed X-Mailer header would result in

XSS vulnerabilities.  Thanks to Masato Higashiyama for spotting this.

ChangeLog

@@ -36,7 +36,9 @@ Version 1.4.0 RC 2a
   - Fix prefs caching not working correctly in PHP 4.3 caused by a stupid
     version checking mechanism.
   - Fix XXS hole that allowed JavaScript execution by sending someone
-    an email with specially crafted headers. Thanks Jason Munro.
+    an email with specially crafted headers. Thanks Jason Munro, and
+    Masato Higashiyama.
+
 
 Version 1.4.0 RC 1
 ------------------

src/read_body.php

@@ -417,7 +417,7 @@ function formatEnvheader($mailbox, $passed_id, $passed_ent_id, $message,
         $env[_("Priority")] = getPriorityStr($header->priority);
     }
     if ($show_xmailer_default) {
-        $env[_("Mailer")] = decodeHeader($header->xmailer);
+        $env[_("Mailer")] = htmlentities(decodeHeader($header->xmailer));
     }
     if ($default_use_mdn) {
         if ($mdn_user_support) {