Index: wp-includes/post-template.php
===================================================================
--- wp-includes/post-template.php	(revision 17191)
+++ wp-includes/post-template.php	(working copy)
@@ -555,7 +555,7 @@
 	if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
 		return true;
 
-	if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
+	if ( stripslashes($_COOKIE['wp-postpass_' . COOKIEHASH]) != $post->post_password )
 		return true;
 
 	return false;
@@ -1206,8 +1206,8 @@
  */
 function get_the_password_form() {
 	global $post;
-	$label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID);
-	$output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post">
+	$label = 'pwbox-' . ( empty($post->ID) ? rand() : $post->ID );
+	$output = '<form action="' . site_url('wp-pass.php') . '" method="post">
 	<p>' . __("This post is password protected. To view it please enter your password below:") . '</p>
 	<p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /></p>
 	</form>
Index: wp-pass.php
===================================================================
--- wp-pass.php	(revision 17191)
+++ wp-pass.php	(working copy)
@@ -9,11 +9,8 @@
 /** Make sure that the WordPress bootstrap has run before continuing. */
 require( dirname(__FILE__) . '/wp-load.php');
 
-if ( get_magic_quotes_gpc() )
-	$_POST['post_password'] = stripslashes($_POST['post_password']);
-
 // 10 days
-setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
+setcookie('wp-postpass_' . COOKIEHASH, stripslashes($_POST['post_password']), time() + 864000, COOKIEPATH);
 
 wp_safe_redirect(wp_get_referer());
 exit;