-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 7 Jan 2007 06:53:48 +0100
Source: gallery2
Binary: gallery2
Architecture: source
Version: 2.0.2-1ubuntu0.1
Distribution: dapper-security
Urgency: low
Maintainer: Michael C. Schultheiss <[EMAIL PROTECTED]>
Changed-By: Stefan Potyra <[EMAIL PROTECTED]>
Description:
gallery2 - web-based photo album written in PHP
Changes:
gallery2 (2.0.2-1ubuntu0.1) dapper-security; urgency=low
.
* SECURITY UPDATE: Fix a PHP local inclusion exploit.
- add sane initialization of $stepOrder array in both
install/index.php and upgrade/index.php.
- Closes: lp#35528.
* Update MANIFEST file to match checksums of both changed files.
* References
http://gallery.menalto.com/2.0.4_and_2.1_rc_2a_update
CVE-2006-1219
Files:
007d943c8f8a11608b4e5c9ce03cf508 603 web optional gallery2_2.0.2-1ubuntu0.1.dsc
2c1cfe8fac793645a3036f3daf61d6a9 11346 web optional
gallery2_2.0.2-1ubuntu0.1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFoSFtH/9LqRcGPm0RAiwvAJwM11wN0w896h59QR9FY68Dn8G3/wCghHIW
8bQX56u9UqXodi8JsAYxqiw=
=qL1U
-----END PGP SIGNATURE-----
** Changed in: gallery2 (Ubuntu)
Status: Confirmed => Fix Released
** Changed in: gallery2 (Ubuntu Dapper)
Status: Fix Committed => Fix Released
--
security hole in 2.0.2/2.0.3
https://launchpad.net/bugs/35528
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
