- A very major data loss issue with the zip download component. If a zip file is not successfully created, Gallery 1.5.2 and Gallery 1.5.2-pl1 will try and delete many more files than they should. - A very minor security problem where a user with write access to a server could create a specially formatted file, coerce someone with owner privileges in the Gallery to click on a specially formatted link, which could modify stored album data and possibly lead to local code execution. We thank Tom Saville (seregon at bughunter dot net) and his team from Digital Armaments for reporting this us and giving us time to get a patch out.
1.5.2_p2 in CVS
Arches please test and mark stable.
kthxx86done
sparc stable.
amd64 stable
alpha stable
ppc stable
hppa stable
ready for glsa vote, i tend to NO (if we dont get enough votes in time, you may also count this as full no ;)
I vote NO.
No and closing.