From the website: Gallery 1.5.3 is now available for download. This release is primarily a bug fix release, but it also includes an important security fix. The fixes: Security: Not all user input was correctly sanitized for JavaScript injection. (Thanks to Aditya Mooley at adityamooley@sanisoft.com for reporting this and giving us plenty of time to fix it!)
1.5.3 in CVS, needs stabling
Thx Renat. Arches please test and mark stable.
ppc stable
x86 is done...
stable on hppa
If the latest stable are OK (2.0 line) then maybe no need for a GLSA over this
I don't think a GLSA is needed for this. Though we still have a few arches that has to mark stable.
amd64 done
alpha stable.
sparc stable.
stable everywhere. As latest stable is not affected, closing without GLSA Feel free to reopen if you disagree.