=== modified file 'includes/session.inc'
--- includes/session.inc	2006-08-31 19:52:38 +0000
+++ includes/session.inc	2006-10-21 15:41:49 +0000
@@ -85,6 +85,15 @@ function sess_write($key, $value) {
 function sess_regenerate() {
   $old_session_id = session_id();
   session_regenerate_id();
+
+ // This manual cookie reset is required to mitigate the issue
+ // http://bugs.php.net/bug.php?id=32802.
+ // This issue only arises in PHP versions before 4.4.0, regardless of Drupal
+ // configuration.
+ // We destroy the session cookie on the client by setting the cookie to expire
+ // in the past (a negative value).
+ // TODO: remove this when we require at least PHP 4.4.0 
+ if (isset($_COOKIE[session_name()])) {
+   setcookie(session_name(), '', time() - 42000, '/');
+ }
+
   db_query("UPDATE {sessions} SET sid = '%s' WHERE sid = '%s'", session_id(), $old_session_id);
 }
 
@@ -127,4 +136,4 @@ function sess_gc($lifetime) {
   db_query("DELETE FROM {sessions} WHERE timestamp < %d", time() - $lifetime);
 
   return TRUE;
-}
\ No newline at end of file
+}