Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug
Bug#: 130623
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Renat Lumpau <rl03@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 130623 depends on: Show dependency tree
Bug 130623 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2006-04-20 10:21 0000 
From the website:

Gallery 1.5.3 is now available for download. This release is primarily a bug
fix release, but it also includes an important security fix. The fixes: 

Security: Not all user input was correctly sanitized for JavaScript injection.
(Thanks to Aditya Mooley at adityamooley@sanisoft.com for reporting this and
giving us plenty of time to fix it!)

------- Comment #1 From Renat Lumpau 2006-04-20 10:22:14 0000 ------- 
1.5.3 in CVS, needs stabling

------- Comment #2 From Sune Kloppenborg Jeppesen 2006-04-20 10:41:47 0000 ------- 
Thx Renat.

Arches please test and mark stable.

------- Comment #3 From Tobias Scherbaum 2006-04-20 12:03:30 0000 ------- 
ppc stable

------- Comment #4 From Chris Gianelloni (RETIRED) 2006-04-20 12:26:50 0000 ------- 
x86 is done...

------- Comment #5 From René Nussbaumer 2006-04-21 14:32:16 0000 ------- 
stable on hppa

------- Comment #6 From Thierry Carrez (RETIRED) 2006-04-22 03:01:39 0000 ------- 
If the latest stable are OK (2.0 line) then maybe no need for a GLSA over this

------- Comment #7 From Sune Kloppenborg Jeppesen 2006-04-22 03:06:51 0000 ------- 
I don't think a GLSA is needed for this. Though we still have a few arches that
has to mark stable.

------- Comment #8 From Daniel Gryniewicz 2006-04-23 12:15:02 0000 ------- 
amd64 done

------- Comment #9 From Jose Luis Rivero (yoswink) 2006-04-23 16:50:41 0000 ------- 
alpha stable.

------- Comment #10 From Gustavo Zacarias (RETIRED) 2006-04-24 06:54:47 0000 ------- 
sparc stable.

------- Comment #11 From Thierry Carrez (RETIRED) 2006-04-28 11:19:52 0000 ------- 
stable everywhere. As latest stable is not affected, closing without GLSA
Feel free to reopen if you disagree.
Bug List: (This bug is not in your last search results)   Show last search results      Search page      Enter new bug