Package: gallery Severity: grave Version: 1.5.8-1 Tags: security Hi,
The following SA (Secunia Advisory) id was published for gallery. SA32817[1]: > A vulnerability has been reported in Gallery, which can be exploited by > malicious people to bypass certain security restrictions. > > The vulnerability is caused due to an unspecified error when handling > certain cookies, which can be exploited to gain administrative access to > the application. > > Successful exploitation requires that "register_globals" is enabled. > > The vulnerability is reported in Gallery 1.x versions 1.5.8-svn-b34 and > later. If you fix the vulnerability please also make sure to include the CVE id (when one is assigned) in the changelog entry. [1]http://secunia.com/Advisories/32817/ Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net
signature.asc
Description: This is a digitally signed message part.
