Create a FREE account or Login
As a guest, you don't have access to our FULL navigation system. |
Gallery 3.0.9 security release|
Friday, July 12, 2013 @ 09:51:42 CDT (4414 reads)
Gallery 3.0.9 is now available! We are still hard at work on 3.1, but in the meantime a few more minor security issues needed to be resolved. We've fixed them and recommend that you upgrade to 3.0.9 ASAP. Thanks to Malte Batram and Dhaval Chauhan for their responsible disclosure. We will be rewarding them cash bounties as part of our Security Bounty Program.
[ Read More... | 1921 bytes more | Score: 4.5 ]
Gallery 3.0.8 security release available|
Sunday, June 23, 2013 @ 08:12:54 CDT (3514 reads)
Gallery 3.0.8 is now available! We're hard at work on 3.1, but in the meantime two security researchers identified small security vulnerabilities in the 3.0.7 release. We've patched them and recommend that you upgrade to 3.0.8 ASAP. Thanks to Mala and Dhaval Chauhan for their responsible disclosure. We'll be rewarding them cash bounties as part of our Security Bounty Program.
[ Read More... | 1951 bytes more | Score: 0 ]
Gallery 3.0.6 bug fix release available!|
Wednesday, March 20, 2013 @ 09:50:12 CDT (3630 reads)
Gallery 3.0.6 is now available! This is likely to be the last release in the 3.0 branch of Gallery - next up we're going to 3.1 and making a lot of big improvements. But before we do that, we wanted to iron out a few kinks and update a few last libraries before we stop working on the 3.0.x code base. This upgrade will be fast and painless, go on.. do it!
[ Read More... | 2087 bytes more | Score: 4 ]
The Future of NukedGallery|
Saturday, March 02, 2013 @ 13:38:24 CST (2996 reads)
Gallery 3.0.5 was just released, and 3.0.6 looks like it's hot on it's heels...so what's that mean for work here at NG.net? It means that 3.1 is coming, and with 3.1 comes, hopefully, 3rd party site integration and embedding capabilities. It's a big effort to make it work, and the Gallery team needs to know the user community wants it. I am not condoning spamming their forums in any way, shape, or form, so please don't. But leave them feedback, whether via the forums, email, etc, asking POLITELY that integration and embedding be included in 3.1. Once that work gets under way, work here can commence on integrating into currently supported CMS and forum platforms.
[ Read More... | Score: 0 ]
Gallery 3.0.5 Security Release Available!|
Friday, February 22, 2013 @ 09:58:25 CST (3745 reads)
Gallery 3.0.5 is now available for download. It contains several security fixes as well as a handful of new features. The only major security issue involves someone malicious accessing a copy of Gallery 3 that is not yet installed, so if you already have Gallery 3.0.4 installed and configured there are no known major issues. However, as always we strongly recommend that you upgrade to the latest code. Go on, do it. It's fast and painless.
We'd like to thank the following individuals for responsibly reporting these security issues: Michael T. Boos, AMol NAik, Johannes Dahse, Sergey Markov, James 'albino' Kettle, and Johannes Dahse. For their efforts, they will each be receiving bounties of between $100 and $1000 for their help in making Gallery more secure. Read our Bounties page for details and how to submit any security issues you find.
[ Read More... | 2635 bytes more | Score: 0 ]
What's the scoop?|
Monday, November 05, 2012 @ 13:59:28 CST (1301 reads)
As some folks have noticed, things have slowed down considerably here. No new releases, and not much activity in the forum. There is no single root cause for this, but rather:
As soon as Gallery development ramps up and 3.1 is released, you will see development here pick up, as well.
- PHPNuke's decline in popularity as a CMS.
- What I believe is an overall decline in CMS usage, or the people that are going to use them, already are using them (fewer new users).
- Slowed development on the Gallery project. Integration for G3 won't be available until version 3.1. The current roadmap can be seen here: http://sourceforge.net/apps/trac/gallery/roadmap.
[ Read More... | Score: 0 ]
Gallery 3.0.4 Security Release Available|
Wednesday, June 13, 2012 @ 13:48:15 CDT (1833 reads)
After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have an account with edit permissions, or trick a user with edit permissions into clicking on a malicious link. In most cases, this can only lead to a possible XSS vulnerability, but in several instances it allows arbitrary PHP code execution.
We thank the following individuals for reporting these issues: Chalk, Mateusz Goik, James 'albino' Kettle, Emanuel Bronshtein, and Sergey Markov. Due to their efforts, they will each be receiving bounties of $1000 for their help in making Gallery more secure. Read our Bounties page for details and how to submit any security issues you find.
We strongly recommend that all users of Gallery 3 upgrade as soon as possible.
[ Read More... | 2221 bytes more | Score: 0 ]
Gallery 3.0.3 and Gallery 2.3.2 Security Releases are available!|
Wednesday, April 11, 2012 @ 11:56:11 CDT (2056 reads)
We're releasing both Gallery 3.0.3 and Gallery 2.3.2 as security releases. Several researchers, working independently, discovered possible encryption-related vulnerabilities. Low-risk XSS vulnerabilities limited to the administration area were also reported. We thank the following individuals for reporting these issues: James 'albino' Kettle, George Argyros & Aggelos Kiayias, and Emanuel Bronshtein. They will be receiving bounties for these issues. Read our Bounties page for details and how to submit any security issues you find. The CVE id for these issues is CVE-2012-1113.
We recommend that all users of Gallery 2 and Gallery 3 upgrade as soon as possible.
[ Read More... | 2660 bytes more | Score: 0 ]
Xotof, Gallery 3 on Android!|
Monday, October 17, 2011 @ 09:57:12 CDT (2679 reads)
Adam Minchinton and Magne Zachrisen just released a Beta version of their upcoming Gallery 3 Client for Android: Xotof.
Like Gallery 3, they focused on usability and simplicity and the app looks pretty fun and easy to use with most of the UI focusing on your photos. Check out their website for more details or post bugs on their forum.
Here's a quick summary of the major features:
- Supports multiple gallery installations
- Smart caching, and loading of images
- Zoom/Pan images
- Inbuilt slide show
- Uploading of single or multiple images
- Robust connection handling
- Honeycomb support
[ Read More... | Score: 0 ]
Gallery 3.0.2 bugfix release is available!|
Thursday, June 02, 2011 @ 19:41:31 CDT (3369 reads)
Gallery 3.0.2 is available, woot! This is a bug and stability fix release, but it adds a few new usability features. You should upgrade to Gallery 3.0.2 when you can. Upgrading is quick and easy! Read on to learn what's new and improved, or
[ Read More... | 3209 bytes more | Score: 0 ]