Bug 130623 - www-apps/gallery-1.5.2_p2 vulnerability
|
Bug#:
130623
|
Product: Gentoo Security
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: minor
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: security@gentoo.org
|
Reported By: rl03@gentoo.org
|
|
Component: Vulnerabilities
|
|
|
URL:
http://gallery.menalto.com/gallery_1.5.3_released
|
|
Summary: www-apps/gallery-1.5.2_p2 vulnerability
|
|
Keywords:
|
|
Status Whiteboard: B4 [noglsa] jaervosz
|
|
Opened: 2006-04-20 10:21 0000
|
From the website:
Gallery 1.5.3 is now available for download. This release is primarily a bug
fix release, but it also includes an important security fix. The fixes:
Security: Not all user input was correctly sanitized for JavaScript injection.
(Thanks to Aditya Mooley at adityamooley@sanisoft.com for reporting this and
giving us plenty of time to fix it!)
1.5.3 in CVS, needs stabling
Thx Renat.
Arches please test and mark stable.
If the latest stable are OK (2.0 line) then maybe no need for a GLSA over this
I don't think a GLSA is needed for this. Though we still have a few arches that
has to mark stable.
stable everywhere. As latest stable is not affected, closing without GLSA
Feel free to reopen if you disagree.
