Multiple vulnerabilities in Gallery may lead to execution of arbitrary code, disclosure of local files or theft of user's credentials.
|Package||www-apps/gallery on all architectures|
|Affected versions||< 2.2.6|
|Unaffected versions||>= 2.2.6
revision >= 1.5.9
revision >= 1.5.10
Gallery is an open source web based photo album organizer.
Multiple vulnerabilities have been discovered in Gallery 1 and 2:
Remote attackers could send specially crafted requests to a server running Gallery, allowing for the execution of arbitrary code when register_globals is enabled, or read arbitrary files via directory traversals otherwise. Attackers could also entice users to visit crafted links allowing for theft of login credentials.
There is no known workaround at this time.
All Gallery 2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/gallery-2.2.6"
All Gallery 1 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-apps/gallery-1.5.9"