LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: August 15th, 2014
Linux Advisory Watch: August 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora 7 Update: gallery2-2.2-0.7.. Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora Security fix release for Gallery 2.2 series. Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in (a) WebDAV and (b) Reupload modules.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2020
2007-09-04 15:14:17.855353
--------------------------------------------------------------------------------

Name        : gallery2
Product     : Fedora 7
Version     : 2.2
Release     : 0.7.svn20070831.fc7
Summary     : Customizable photo gallery web site
Description :
The base Gallery 2 installation - the equivalent of upstream's -minimal
package.  This package requires a database to be operational.  Acceptable
database backends include MySQL v 3.x, MySQL v 4.x, PostgreSQL v 7.x,
PostgreSQL v 8.x, Oracle 9i, Oracle 10g, DB2, and MS SQL Server.  All given
package versions are minimums, greater package versions are acceptable.

--------------------------------------------------------------------------------
Update Information:

Security fix release for Gallery 2.2 series.

CVE text:
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow
 attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in (a) WebDAV and (b) Reupload modules.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 31 2007 John Berninger  - 2.2-0.7.svn20070831
- update to 2.2.3 SVN snapshot to fix security vuln's - bz 267421
* Tue Jun  5 2007 John Berninger  - 2.2-0.6.svn20070506
- Fix escaping syntax problem in post scriptlet
* Tue May 15 2007 John Berninger  - 2.2-0.5.svn20070506
- README file update and new build
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #267421
        https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=267421
  [ 2 ] CVE-2007-4650
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4650
--------------------------------------------------------------------------------
Updated packages:

88621bd23f0b42089540466c7c5a0cadfe7301a6 gallery2-webdav-2.2-0.7.svn20070831.fc7.noarch.rpm
09764681331b4181f3cf469e205ace7676b9fa83 gallery2-imageframe-2.2-0.7.svn20070831.fc7.noarch.rpm
3f822069aeaa9d270869b35fe3c6a65083ccc395 gallery2-mp3audio-2.2-0.7.svn20070831.fc7.noarch.rpm
e5a0c1ceb0c89de540f95b575a707137b7d413a1 gallery2-sitemap-2.2-0.7.svn20070831.fc7.noarch.rpm
bb0733debf3e4b2663fb546c67f7699291aa1566 gallery2-publishxp-2.2-0.7.svn20070831.fc7.noarch.rpm
aab858907be12e53f4e8336f6ce2d366c5839887 gallery2-hybrid-2.2-0.7.svn20070831.fc7.noarch.rpm
056a695c31e598c02679e13ba4f388e0130c5104 gallery2-search-2.2-0.7.svn20070831.fc7.noarch.rpm
2ea3cba835df9b31faedcd33e69571df9b1ff5a2 gallery2-dynamicalbum-2.2-0.7.svn20070831.fc7.noarch.rpm
cd3fa81432d4042d4218b1cb14c96e5a4627fe07 gallery2-exif-2.2-0.7.svn20070831.fc7.noarch.rpm
2d222b2ec2a95bc79a093e85522f151916738992 gallery2-digibug-2.2-0.7.svn20070831.fc7.noarch.rpm
8fc278b1010dd4594cbcd6e60a2b8647d75e0eb0 gallery2-albumselect-2.2-0.7.svn20070831.fc7.noarch.rpm
40e33486694f2399a7673fc2133188cb58b301b1 gallery2-panorama-2.2-0.7.svn20070831.fc7.noarch.rpm
ec1ed8c61619804efbe803e046f3d936b0b7c259 gallery2-rearrange-2.2-0.7.svn20070831.fc7.noarch.rpm
0ec0fd2ffbe89a01694be969a08f92f8ad3cc935 gallery2-slider-2.2-0.7.svn20070831.fc7.noarch.rpm
010ac37bd87925f33b42f6273522c0253ab4eb53 gallery2-thumbnail-2.2-0.7.svn20070831.fc7.noarch.rpm
1ac541609b9b9e38ef83dead4771050c0f1005db gallery2-imageblock-2.2-0.7.svn20070831.fc7.noarch.rpm
9a0102ef9dbad52ba37163cf11b0567b952ffdf2 gallery2-slideshow-2.2-0.7.svn20070831.fc7.noarch.rpm
34bb11b7021f4a086cdf7000a43b0c9764b6c24f gallery2-floatrix-2.2-0.7.svn20070831.fc7.noarch.rpm
9334e323d4e85f940d5b357ab3315ad5df80473c gallery2-thumbpage-2.2-0.7.svn20070831.fc7.noarch.rpm
d51187c71fde1e9fa5ecf46912b979189f70e294 gallery2-uploadapplet-2.2-0.7.svn20070831.fc7.noarch.rpm
20cbede2dd4a12132798798e8bb318de7ced775f gallery2-keyalbum-2.2-0.7.svn20070831.fc7.noarch.rpm
56f44d4f24dfa2de2e08a56409469d69368f4efb gallery2-classic-2.2-0.7.svn20070831.fc7.noarch.rpm
ca77bac796bd5b989c092dde7aefedd55b117f46 gallery2-rewrite-2.2-0.7.svn20070831.fc7.noarch.rpm
dc170a805c98642056a63b54c640561410b21032 gallery2-linkitem-2.2-0.7.svn20070831.fc7.noarch.rpm
ba1b8944e6c6b7a359d6b32b2d20ce8517ead642 gallery2-ffmpeg-2.2-0.7.svn20070831.fc7.noarch.rpm
40278f544973ce2726b75c7956cd0a5ce1e70dda gallery2-quotas-2.2-0.7.svn20070831.fc7.noarch.rpm
532e95ad1e75c90e80c6ee9b2bcbd508de0e2d71 gallery2-rss-2.2-0.7.svn20070831.fc7.noarch.rpm
213bd45a7892e237e33d699f91dbe705ebb7b2d9 gallery2-cart-2.2-0.7.svn20070831.fc7.noarch.rpm
bf87b8398e088801d48c286ae662f579542439b3 gallery2-netpbm-2.2-0.7.svn20070831.fc7.noarch.rpm
50cca98479bbc76e887aa54dca13060213a6608a gallery2-photoaccess-2.2-0.7.svn20070831.fc7.noarch.rpm
d689a9646be3797a01034f8a0885f9185c0f4db9 gallery2-zipcart-2.2-0.7.svn20070831.fc7.noarch.rpm
0146cd4b93a2e82a49dea70abbc21fcb296effae gallery2-fotokasten-2.2-0.7.svn20070831.fc7.noarch.rpm
d731079f413f7eb8ccab7f93e38992b0d6cbeb51 gallery2-rating-2.2-0.7.svn20070831.fc7.noarch.rpm
9b654f64526c1a106bfa6fedf92e32e990c48e06 gallery2-dcraw-2.2-0.7.svn20070831.fc7.noarch.rpm
92d57825601ad550722bbb366c799ca869bdad2c gallery2-flashvideo-2.2-0.7.svn20070831.fc7.noarch.rpm
28d14edc4f3a53487bd6cc8d6a27cd77d7207a38 gallery2-carbon-2.2-0.7.svn20070831.fc7.noarch.rpm
4108e663a92e58c965aa00509c42de3bbc741eeb gallery2-watermark-2.2-0.7.svn20070831.fc7.noarch.rpm
4fcf756fc13ba2c5975c64c8071fdbd4b5b2ad1e gallery2-matrix-2.2-0.7.svn20070831.fc7.noarch.rpm
eabe07116b7ea4553a89eb7e189c564986d6668f gallery2-icons-2.2-0.7.svn20070831.fc7.noarch.rpm
1d80ed8d142cd61ce1aeca8a7d0875ef92d9584e gallery2-webcam-2.2-0.7.svn20070831.fc7.noarch.rpm
771fa8e60976d3b8984350beea4649b97f7045bc gallery2-hidden-2.2-0.7.svn20070831.fc7.noarch.rpm
873de50e4e58ff2e57e33edfae1a2734e5f7fee7 gallery2-useralbum-2.2-0.7.svn20070831.fc7.noarch.rpm
ef71a69377545ff165ddd64f9556874d8c449025 gallery2-slideshowapplet-2.2-0.7.svn20070831.fc7.noarch.rpm
7249dfefce3bdca4fcff5e165ec0efd7745065d2 gallery2-nokiaupload-2.2-0.7.svn20070831.fc7.noarch.rpm
a075e683f85d01e09548c79fd2193017e2343f3b gallery2-debug-2.2-0.7.svn20070831.fc7.noarch.rpm
56b5213f14a544808dda13dcf1457dfb9ae8bdcd gallery2-getid3-2.2-0.7.svn20070831.fc7.noarch.rpm
290c66cc67e350b804fda80742300eec7f7b54fe gallery2-colorpack-2.2-0.7.svn20070831.fc7.noarch.rpm
9c4f9aef194dd70dcc20b10b414e2450ca0906cc gallery2-tile-2.2-0.7.svn20070831.fc7.noarch.rpm
7538c5e4ea9c26590c68a46e75b8d2f70a9c90a0 gallery2-mime-2.2-0.7.svn20070831.fc7.noarch.rpm
5d11f742e625b447ce3536495a32dcc67132d9ac gallery2-register-2.2-0.7.svn20070831.fc7.noarch.rpm
8f827f090d51c2fefb6e7cec95e942c58d12b6a7 gallery2-sizelimit-2.2-0.7.svn20070831.fc7.noarch.rpm
01b67e0ab1f5caae5c9ad94b349c1748a80b1976 gallery2-permalinks-2.2-0.7.svn20070831.fc7.noarch.rpm
68eb2f3fe8aa2290fc563103910a76c04a59359c gallery2-members-2.2-0.7.svn20070831.fc7.noarch.rpm
390cc66b115187c8939245b7df480a080d8ebf0b gallery2-captcha-2.2-0.7.svn20070831.fc7.noarch.rpm
e53af19ebbcf67c250c144b1bbc63b4cbd0de5bd gallery2-replica-2.2-0.7.svn20070831.fc7.noarch.rpm
3092699debb91637d141622f49135ed4a4553351 gallery2-newitems-2.2-0.7.svn20070831.fc7.noarch.rpm
b6eab7d0cfc1699ed7b1f01dcb65db0f7b47eb09 gallery2-ecard-2.2-0.7.svn20070831.fc7.noarch.rpm
0ad2e90d89b7b9dc174c79875fb3f8770ca17e3a gallery2-ajaxian-2.2-0.7.svn20070831.fc7.noarch.rpm
89cc36d55cbd8bf31a9aa37c7c5a626340980139 gallery2-imagemagick-2.2-0.7.svn20070831.fc7.noarch.rpm
affbb58f8bb82e5e84c6942f98c64523bd2e7fc9 gallery2-gd-2.2-0.7.svn20070831.fc7.noarch.rpm
73f2cfeda8d176a6164eafa36fff5cf070a5a858 gallery2-picasa-2.2-0.7.svn20070831.fc7.noarch.rpm
f51fd11e1a623ac4cb582534ee3eaef2e915ceb2 gallery2-squarethumb-2.2-0.7.svn20070831.fc7.noarch.rpm
8958e24bb79c4f318b6b8771aa59950bc4867251 gallery2-remote-2.2-0.7.svn20070831.fc7.noarch.rpm
3c34e39b6c05e4593330989219d353ac331f9801 gallery2-comment-2.2-0.7.svn20070831.fc7.noarch.rpm
4be9a26c00834eb62f9e5bbeaea4f9698898b9b9 gallery2-shutterfly-2.2-0.7.svn20070831.fc7.noarch.rpm
f8c104925bfb8310d183befc0ee0ddc7596efe0b gallery2-httpauth-2.2-0.7.svn20070831.fc7.noarch.rpm
9190553d0154eb42b23ba2c6f116ccfe7820dbe7 gallery2-customfield-2.2-0.7.svn20070831.fc7.noarch.rpm
deeecd5b5c873a2d2ebfd21faede34ef109dcbfa gallery2-2.2-0.7.svn20070831.fc7.noarch.rpm
45a2ee3bebe765f80b2ccdada1dedbd57801a10c gallery2-archiveupload-2.2-0.7.svn20070831.fc7.noarch.rpm
e5191bf68a1171a18b381a04d662e79848530b13 gallery2-multiroot-2.2-0.7.svn20070831.fc7.noarch.rpm
ccd81fce65788c5d873232be4df4543587b82509 gallery2-migrate-2.2-0.7.svn20070831.fc7.noarch.rpm
404668228507ccecb0c0718f3fc869e36830b316 gallery2-multilang-2.2-0.7.svn20070831.fc7.noarch.rpm
1fdaf896d3797a9ca5c0e3d7e00d95342df63f79 gallery2-password-2.2-0.7.svn20070831.fc7.noarch.rpm
7dd80612c4e4c09bb135335507d3176a1f895097 gallery2-randomhighlight-2.2-0.7.svn20070831.fc7.noarch.rpm
4da1be469776a4fbbef823af8197c1d9e95126c3 gallery2-reupload-2.2-0.7.svn20070831.fc7.noarch.rpm
8f06a62e74a73c945ab39dfc337f51de1c1b7861 gallery2-itemadd-2.2-0.7.svn20070831.fc7.noarch.rpm
fccff28b6413c275c871005a72e60cd9bea398e9 gallery2-siriux-2.2-0.7.svn20070831.fc7.noarch.rpm
f833f46d8fa4b5c29af36c5b437451727d7f9403 gallery2-2.2-0.7.svn20070831.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
State-of-the-art spear phishing and defenses
Linux kernel source code repositories get better security
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.