191587 2007-09-07 12:44 0000 www-apps/gallery < 2.2.3 WebDAV and Reupload Module Data Manipulation Vulnerabilities (CVE-2007-4650) 2007-11-11 14:48:36 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://secunia.com/advisories/26716/ B4 [glsa] P2 minor --- 1 mjf@gentoo.org security@gentoo.org mjf@gentoo.org 2007-09-07 12:44:05 0000 Some vulnerabilities have been reported in Gallery, which can be exploited by malicious users to manipulate data. The vulnerabilities are caused due to unspecified errors within the WebDAV and Reupload modules, which can be exploited to e.g. rename items, change item properties, replace items, or edit item data via WebDAV. The vulnerabilities are reported in versions prior to 2.2.3. mjf@gentoo.org 2007-09-07 12:45:44 0000 CC'ing herd and setting whiteboard status. wrobel@gentoo.org 2007-09-07 14:43:01 0000 Gallery-2.2.3 is in the tree. Since 2.1.2 is apparently vulnerable these are the target archs for stabilization: alpha amd64 hppa ppc ppc64 sparc x86 jer@gentoo.org 2007-09-07 15:35:45 0000 Stable for HPPA. dertobi123@gentoo.org 2007-09-07 17:47:39 0000 ppc stable wolf31o2@gentoo.org 2007-09-07 18:21:39 0000 amd64/x86 done armin76@gentoo.org 2007-09-09 15:53:23 0000 alpha stable corsair@gentoo.org 2007-09-09 16:22:00 0000 ppc64 stable yoswink@gentoo.org 2007-09-12 08:42:43 0000 Installs and works fine in sparc. @Security: we are the last, ready to vote. wrobel@gentoo.org 2007-09-12 08:51:03 0000 Removed the insecure versions from the tree. web-apps is done here. jaervosz@gentoo.org 2007-09-12 09:44:07 0000 I tend to vote YES. py@gentoo.org 2007-09-12 09:45:06 0000 I vote yes. py@gentoo.org 2007-09-25 09:43:10 0000 glsa request filed. py@gentoo.org 2007-11-01 23:51:10 0000 GLSA 200711-03 gringo@slonko.net 2007-11-02 10:54:32 0000 None of the security announcements implicitly mentions gallery-1.x as affected or not. From the announcement we could assume that gallery 1.x is affected as all versions before gallery-2.2.3 are affected, but: - According to page http://codex.gallery2.org/G1-G2_Comparison gallery-1.x does not support WebDAV and does not support module system (patch required) - Secunia website (URL provided in this bug) mentions only 'Gallery 2.x' as affected software This would indicate that gallery-1.x is not affected by this problem, however: mac ~ # glsa-check -lnc affected [A] means this GLSA was already applied, [U] means the system is not affected and [N] indicates that the system might be affected. 200711-03 [N] Gallery: Multiple vulnerabilities ( www-apps/gallery ) CVE-2007-4650 I do have gallery-1.5.7 installed on the system (some people still prefer gallery-1.x as it doesn't require DB backend) py@gentoo.org 2007-11-11 14:48:36 0000 glsa-200711-03.xml finally fixed, thanks for the info.