Site Navigation:
security gallery3-3.0.4-1.el6 security update
Status:stable
Release: Fedora EPEL 6
Update ID: FEDORA-EPEL-2012-6203
Builds: gallery3-3.0.4-1.el6 (logs)
Pushed: True
Date Submitted: 2012-06-19 14:11:03
Date Released: 2012-06-19 16:36:35
Submitter: limb
Karma: 0
Details

Gallery 3.0.4 was released with the following release notes:

After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have an account with edit permissions, or trick a user with edit permissions into clicking on a malicious link. In most cases, this can only lead to a possible XSS vulnerability, but in several instances it allows arbitrary PHP code execution.

Bugs Fixed
833189 - gallery: 3.0.4 fixes numerous security flaws [fedora-all]
833190 - gallery: 3.0.4 fixes numerous security flaws [epel-6]
Feedback
bodhi - 2012-06-19 14:11:22
This update has been submitted for testing by limb.
bodhi - 2012-06-19 15:35:04
This update is currently being pushed to the Fedora EPEL 6 testing updates repository.
bodhi - 2012-06-19 17:05:03
This update has been pushed to testing
bodhi - 2012-07-03 22:05:18
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
bodhi - 2012-07-03 22:39:49
This update has been submitted for stable by limb.
bodhi - 2012-07-05 21:35:46
This update is currently being pushed to the Fedora EPEL 6 stable updates repository.
bodhi - 2012-07-05 23:02:48
This update has been pushed to stable

Add a comment

Tip: Login to impact how quickly this update gets pushed or unpushed.
obfuscated letters