TITLE:
Fedora update for gallery2

SECUNIA ADVISORY ID:
SA28246

VERIFY ADVISORY:
http://secunia.com/advisories/28246/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access

WHERE:
From remote

OPERATING SYSTEM:
Fedora 7
http://secunia.com/product/15552/
Fedora 8
http://secunia.com/product/16769/

DESCRIPTION:
Fedora has issued an update for gallery2. This fixes some vulnerabilities and a weakness, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.

For more information:
SA28163

SOLUTION:
Apply updated packages.

ORIGINAL ADVISORY:
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00771.html
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00772.html

OTHER REFERENCES:
SA28163:
http://secunia.com/advisories/28163/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.