NukeCops - Gallery 2.1 Release Candidate 2 released

Brandnew on gallery.menalto.com - new and enhanced gallery-modules for PHP-Nuke :: travel over and get your copy today!

Actual releases: Gallery 2.0.4 :: Gallery 2.1 Release Candidate 2a :: Gallery 1.5.2-pl2 :: Gallery Remote 1.5

Gallery 2.0.4 release / 2.1-RC-2a [article]: "Thanks once again to James Bercegay from GulfTech Security Research for tipping us off to a security vulnerability in Gallery 2.0.3 and the 2.1 release candidates. Your installation is only vulnerable if you have the register_globals PHP setting enabled. If you're vulnerable, an attacker can use this to execute a "local inclusion" exploit, or run code that's already on your server. This is especially dangerous if you allow upload privileges to users you don't trust, and your g2data directory is in a predictable location. We have released Gallery 2.0.4 and 2.1-RC-2a to fix this vulnerability, but it's also very easily patched by hand if you don't want to install a complete update. Read on for more details on how to quickly secure your Gallery install.

This vulnerability affects all versions of Gallery 2.x, but Gallery 1.x is not affected. If you're using Gallery 2.x we strongly recommend that you upgrade or secure your Gallery installation as soon as possible!

Please follow our upgrading instructions and download and install the latest release."

Get more infos and read the fully covered story on our dev-site. get your copy today - download it from here. please share your infos with the community. Thanks for your continued support! Read on for more details about the newest galleries