Bug#499408: Gallery 2.2.6 Security Fix Release available

2008-09-18 Thread Michael Schultheiss
tags 499408 + pending
kthxbye

Jan Wagner wrote:
> Package: gallery2
> Severity: grave
> Tags: security
> 
> A new version has been released which fixes the following bugs:

I'm finalizing the packaging of Gallery 2.2.6 and will be uploading it
later today.


-- 

Michael Schultheiss
E-mail: [EMAIL PROTECTED]



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Processed: Re: Bug#499408: Gallery 2.2.6 Security Fix Release available

2008-09-18 Thread Debian Bug Tracking System
Processing commands for [EMAIL PROTECTED]:

> tags 499408 + pending
Bug#499408: Gallery 2.2.6 Security Fix Release available
Tags were: security
Tags added: pending

> kthxbye
Stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)





Bug#499408: Gallery 2.2.6 Security Fix Release available

2008-09-18 Thread Jan Wagner
Package: gallery2
Severity: grave
Tags: security

A new version has been released which fixes the following bugs:

* Arbitrary file disclosure through archive upload module - Users with "add item" permission could retrieve any file on the server that is owned by the web server account. The problem is caused by incorrect handling of ZIP archives that contain symbolic links.
  The Gallery team would like to thank Alex Ustinov for bringing this issue to our attention.
* Insecure cookies over HTTPS - When accessing Gallery over HTTPS, cookies were missing the "secure" flag, leaving the connection vulnerable to cookie sniffing attacks.
  The Gallery team would like to thank Hanno Boeck for bringing this issue to our attention.
* XSS through malicious Flash files - Flash animations that are embedded in Gallery are no longer allowed to interact with the embedding page and are no longer allowed to open network connections.
  While this protects visitors of your Gallery from potentially malicious Flash animations, the Gallery team would like to use this opportunity to remind you that it is generally highly recommended to only allow trusted users to add any files to your Gallery.

For more information, see http://gallery.menalto.com/gallery_2.2.6_released

Thanks and with kind regards, Jan.
-- 
Never write mail to <[EMAIL PROTECTED]>, you have been warned!
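The ZIP symbolic-link problem behind the first item in the release notes, as an added defender-side check that is not Gallery's own code: an upload archive is audited before anything is extracted, and entries that are symlinks, absolute paths or `..` traversal are refused. The archive, its entry names and the symlink target are constructed for the example.

```python
import io
import posixpath
import stat
import zipfile
from typing import List, Tuple

# Reasons an archive entry is refused before extraction starts.
SYMLINK = "symlink entry"
ABSOLUTE = "absolute path"
TRAVERSAL = "path escapes destination"


def entry_mode(info: zipfile.ZipInfo) -> int:
    """Unix mode bits live in the high 16 bits of external_attr for
    archives written on Unix (create_system == 3); other origins carry none."""
    if info.create_system != 3:
        return 0
    return (info.external_attr >> 16) & 0xFFFF


def audit_archive(data: bytes) -> List[Tuple[str, str]]:
    """Return (entry name, reason) for every entry that must not be unpacked:
    symlinks (the vector fixed in Gallery 2.2.6), absolute paths and '..'
    traversal. An empty list means the archive may be unpacked into an
    empty destination directory."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            if stat.S_ISLNK(entry_mode(info)):
                findings.append((info.filename, SYMLINK))
            elif name.startswith("/"):
                findings.append((info.filename, ABSOLUTE))
            # normpath collapses 'a/../../x' into '../x', so the test is exact
            elif posixpath.normpath(name).split("/")[0] == "..":
                findings.append((info.filename, TRAVERSAL))
    return findings


def build_sample_archive() -> bytes:
    """Constructed sample: one harmless image, a symlink entry of the kind the
    unpatched upload module followed, and a traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("album/photo.jpg", b"\xff\xd8\xff\xe0 placeholder image bytes")
        link = zipfile.ZipInfo("album/link.txt")
        link.create_system = 3  # Unix origin, so the mode bits are honoured
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "../../outside-the-upload-dir.txt")  # link target
        zf.writestr("../outside.txt", b"would land outside the album directory")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_archive(build_sample_archive()):
        print(f"refused {name!r}: {reason}")
```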