gallery2 -- multiple vulnerabilities

ID 4AAB7BCD-B294-11DC-A6F0-00A0CCE0781E
Type freebsd
Reporter FreeBSD
Modified 2010-05-12T00:00:00


The Gallery team reports:

Gallery 2.2.4 addresses the following security vulnerabilities:

Publish XP module - Fixed unauthorized album creation and file uploads.
URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink protection.
Core / add-item modules - Fixed Cross Site Scripting (XSS) vulnerabilities through malicious file names.
Installation (Gallery application) - Updated web-accessibility protection of the storage folder for Apache 2.2.
Core (Gallery application) / MIME module - Fixed vulnerability in checks for disallowed file extensions in file uploads.
Gallery Remote module - Added missing permissions checks for some GR commands.
WebDAV module - Fixed Cross Site Scripting (XSS) vulnerability through HTTP PROPPATCH.
WebDAV module - Fixed information (item data) disclosure in a WebDAV view.
Comment module - Fixed information (item data) disclosure in comment views.
Core module (Gallery application) - Improved resilience against item information disclosure attacks.
Slideshow module - Fixed information (item data) disclosure in the slideshow.
Print modules - Fixed information (item data) disclosure in several print modules.
Core / print modules - Fixed arbitrary URL redirection (phishing attacks) in the core module and several print modules.
WebCam module - Fixed proxied request weakness.