Support Forums | Demo Gallery [1.x] [2.x] | Downloads | News | Site Map ]
Nuked Gallery
  Create a FREE account or Login   As a guest, you don't have access to our FULL navigation system.
Gallery Releases
Gallery 1.4.4-pl5 Security Release
Posted on Friday, February 04, 2005 @ 15:26:16 CST
Several days ago, Rafel Ivgi informed us of a possible cross site scripting problem in current versions of Gallery. The problem and some similar problems discovered by our team has been addressed in Gallery 2 CVS as well as in this release of 1.4.4-pl5.

As with most other cross site scripting problems, No risk is posed to the webserver itself or any non-Gallery data, but a Gallery install could be compromised using appropriate code.

In addition to the security fix, Gallery 1.4.4-pl5 uses the proper parameters for new versions of ImageMagick and fixes some small issues with PHP 5.

All Gallery users are strongly urged to upgrade to 1.4.4-pl5 immediately, which fixes this problem and will secure your system.

Gallery 1.4.4-pl5 can be downloaded from the Gallery Download Page.

· More about Gallery Topics
· News by dari
Most read story about Gallery Topics:
Updated Gallery Files for phpNuke 6.5


Average Score: 0
Votes: 0

Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad



 Printer Friendly Printer Friendly

 Send to a Friend Send to a Friend





Sponsors: Web HostingDedicated ServersDomain NamesDomain Name RegistrationDedicated Web HostingSEO Search Engine OptimisationSEOWeb Design New YorkSEO Web DesignWeb hosting AustraliaCheap Web Design

6th year online! 2003-2009
Legal • Use of this site consitutes agreement to the Acceptable Use Policy
Hosted by Implosion WorksSourceForge.net Logo • Theme by TonicMedia