
Gallery Unspecified Remote HTML Injection Vulnerability

Solution:
The vendor has released an upgrade dealing with this issue.

Debian has released an advisory (DSA 642-1) and fixes that address this and other issues in gallery. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates.

Gentoo Linux has released advisory GLSA 200411-10:01 to address this issue in Gallery. Users of the affected package are urged to execute the following commands with superuser privileges to install the updates:

emerge --sync
emerge --ask --oneshot --verbose ">=www-apps/gallery-1.4.4_p4"

It is reported that the fixes released by the vendor to address this issue are ineffective. Gallery 1.4.4-pl2 is still considered vulnerable to cross-site scripting attacks. The fixes are being removed.


Gallery Gallery 1.4 -pl2

Gallery Gallery 1.4 -pl1

Gallery Gallery 1.4

Gallery Gallery 1.4.1

Gallery Gallery 1.4.2

Gallery Gallery 1.4.3 -pl2

Gallery Gallery 1.4.3 -pl1

Debian Linux 3.0 s/390

Debian Linux 3.0 arm

Debian Linux 3.0 alpha

Debian Linux 3.0 mips

Debian Linux 3.0 mipsel

Debian Linux 3.0 m68k

Debian Linux 3.0 sparc

Debian Linux 3.0 ia-64

Debian Linux 3.0 hppa

Debian Linux 3.0 ppc

Debian Linux 3.0 ia-32







 

Copyright 2008, SecurityFocus