Bug 119590

Summary:	www-apps/gallery XSS vulnerability fix
Product:	Gentoo Security	Reporter:	Renat Lumpau (RETIRED) <rl03>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	minor	CC:	web-apps
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Other
URL:	http://gallery.menalto.com/page/gallery_1_5_2_release
Whiteboard:	B4 [glsa] DerCorny
Package list:		Runtime testing required:	---

Description Renat Lumpau (RETIRED) gentoo-dev

2006-01-19 12:09:25 UTC

www-apps/gallery-1.5.2 fixes possible XSS security problem with user names.
gallery-1.5.1 is stable on alpha, amd64, hppa, ppc, sparc, x86.

Comment 1 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-19 12:28:57 UTC

arches please test and mark stable, thx

Comment 2 Gustavo Zacarias (RETIRED) gentoo-dev

2006-01-20 11:54:29 UTC

sparc stable.

Comment 3 René Nussbaumer (RETIRED) gentoo-dev

2006-01-20 14:11:18 UTC

Stable on hppa

Comment 4 Chris White (RETIRED) gentoo-dev

2006-01-20 20:53:53 UTC

x86 stable

Comment 5 Simon Stelling (RETIRED) gentoo-dev

2006-01-21 02:01:14 UTC

amd64 stable

Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev

2006-01-21 08:46:14 UTC

ppc stable

Comment 7 Jose Luis Rivero (yoswink) (RETIRED) gentoo-dev

2006-01-21 11:04:21 UTC

alpha stable

Renet, all arches already have marked 1.5.2 stable. Please, close the bug.

Comment 8 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-21 11:06:46 UTC

ready for glsa-vote, i tend to say no.

Comment 9 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2006-01-21 12:11:41 UTC

We did similar GLSAs in the past, I tend to vote YES.

Comment 10 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-22 11:17:28 UTC

ok, lets have a glsa then

Comment 11 Stefan Cornelius (RETIRED) gentoo-dev

2006-01-27 04:59:17 UTC

GLSA 200601-13

Thanks everybody.