[SECURITY] [DSA-138-1] Remote execution exploit in gallery
Package : gallery Problem type : remote exploit Debian-specific: no A problem was found in gallery a web-based photo album toolkit: it was possible to pass in the GALLERYBASEDIR variable remotely. This made it possible to execute commands under the uid of web-server. This has been fixed in versio...