First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 130623
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Renat Lumpau <rl03@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 130623 depends on: Show dependency tree
Bug 130623 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-04-20 10:21 0000 
From the website:

Gallery 1.5.3 is now available for download. This release is primarily a bug
fix release, but it also includes an important security fix. The fixes: 

Security: Not all user input was correctly sanitized for JavaScript injection.
(Thanks to Aditya Mooley at adityamooley@sanisoft.com for reporting this and
giving us plenty of time to fix it!)

------- Comment #1 From Renat Lumpau 2006-04-20 10:22:14 0000 ------- 
1.5.3 in CVS, needs stabling

------- Comment #2 From Sune Kloppenborg Jeppesen 2006-04-20 10:41:47 0000 ------- 
Thx Renat.

Arches please test and mark stable.

------- Comment #3 From Tobias Scherbaum 2006-04-20 12:03:30 0000 ------- 
ppc stable

------- Comment #4 From Chris Gianelloni (RETIRED) 2006-04-20 12:26:50 0000 ------- 
x86 is done...

------- Comment #5 From René Nussbaumer 2006-04-21 14:32:16 0000 ------- 
stable on hppa

------- Comment #6 From Thierry Carrez (RETIRED) 2006-04-22 03:01:39 0000 ------- 
If the latest stable are OK (2.0 line) then maybe no need for a GLSA over this

------- Comment #7 From Sune Kloppenborg Jeppesen 2006-04-22 03:06:51 0000 ------- 
I don't think a GLSA is needed for this. Though we still have a few arches that
has to mark stable.

------- Comment #8 From Daniel Gryniewicz 2006-04-23 12:15:02 0000 ------- 
amd64 done

------- Comment #9 From Jose Luis Rivero (yoswink) 2006-04-23 16:50:41 0000 ------- 
alpha stable.

------- Comment #10 From Gustavo Zacarias (RETIRED) 2006-04-24 06:54:47 0000 ------- 
sparc stable.

------- Comment #11 From Thierry Carrez (RETIRED) 2006-04-28 11:19:52 0000 ------- 
stable everywhere. As latest stable is not affected, closing without GLSA
Feel free to reopen if you disagree.
First Last Prev Next    No search results available      Search page      Enter new bug