Menalto comes up with Gallery v1.4.4 pl 4: upgrade recommended
Date:
Thursday, November 04 @ 14:38:04 CET
Topic:
Modules
the developers of the
Gallery-Team @ Menalto.com
come up with the
Gallery 1.4.3 -pl4 (Patch Level4) (demo)
the
newest version: whats new in Gallery v1.4.4 pl 4:
"Jim Paris discovered a few security problems in Gallery which have been addressed in 1.4.4-pl4. The primary problem is a cross site scripting vulnerability which allows code to be inserted into a Gallery by using specially formed URLs. This code then appears to be part of the Gallery.
No risk is posed to the webserver-itself or any non-Gallery data, but a Gallery install could be compromised using appropriate code.
All Gallery users
are
very strongly urged to upgrade
to 1.4.4-pl4 immediately, which fixes this serious problem and will secure your system.
Download 1.4.4-pl 4
from the Gallery Download Page at SourceForge [here].
Read more at Gallery.Menalto.com for more infos and instructions.
the Download of
Gallery v1.4.4 pl 4 on
SourceForge Download Page
For Menalto Gallery and phpNuke support, visit
NukedGallery.net
.
This article comes from NukeCops
http://www.nukecops.com
The URL for this story is:
http://www.nukecops.com/modules.php?name=News&file=article&sid=3071