|
This is the official website of Gallery, the open source web based photo album organizer.
Gallery gives you an intuitive way to blend photo management seamlessly into your own website whether you're running a small personal site or a large community site.
More: |
|
The Gallery Project is moving to GalleryProject.org
Submitted by thumb on Fri, 2013-01-18 01:18
There's been discussion among team members about trying to clarify the Gallery Project's identity. To those ends, the Project's web sites, gallery.menalto.com and codex.gallery2.org, have moved to www.galleryproject.org and codex.galleryproject.org.
» 3 comments | Read more
InMotion Hosting Contributes to Gallery
As part of their support of the open source community, InMotion Hosting, a professional web hosting service provider, rolled up their sleeves and worked with the Gallery team to help with some outstanding issues with Gallery 3.
InMotion developers learned the Gallery environment and worked on five different bug fixes, getting the new code to us via GitHub pull requests. They fixed things like a PHP 5.3.13 incompatibility, a parallel upload timeout problem and more. Their fixes will all be included in the next release of Gallery 3. In addition to the development work, InMotion has also provided monetary support for the Gallery project, which we appreciate!
Now that they’ve got the hang of it, InMotion is continuing its support of Gallery via ongoing technical contributions. Maybe you know of someone else who would like to contribute?
Gallery 3.0.4 Security Release Available!
Submitted by ckdake on Tue, 2012-06-12 18:11
After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have an account with edit permissions, or trick a user with edit permissions into clicking on a malicious link. In most cases, this can only lead to a possible XSS vulnerability, but in several instances it allows arbitrary PHP code execution.
We thank the following individuals for reporting these issues: Chalk, Mateusz Goik, James 'albino' Kettle, Emanuel Bronshtein, and Sergey Markov. Due to their efforts, they will each be receiving bounties of $1000 for their help in making Gallery more secure. Read our Bounties page for details and how to submit any security issues you find.
We strongly recommend that all users of Gallery 3 upgrade as soon as possible.
» 21 comments | Read more
3rd Party iPhone App for Gallery
Submitted by ckdake on Thu, 2012-04-26 12:53
A team of developers has released a new version of their native iPhone/iPad app for Gallery 3.
viGallery allows you to manage your photos and albums straight from your iOS device.
Take a look on the app store: viGallery and on their info/support page.
It isn't open source and it does cost $4, but it looks like a nice way to work with Gallery 3 from your Apple devices. Read on for features and requirements.
» 7 comments | Read more
Gallery interview on SourceForge's 'The Anvil' Podcast
Submitted by ckdake on Wed, 2012-04-18 23:57
A week or so ago, Chris Kelly (ckdake) was interviewed on SourceForge.net's podcast 'The Anvil' about Gallery for the SourceForge.net Blog. Check it out: The Anvil Podcast: Gallery.
Gallery 3.0.3 and Gallery 2.3.2 Security Releases are available!
Submitted by ckdake on Tue, 2012-04-03 13:06
We're releasing both Gallery 3.0.3 and Gallery 2.3.2 as security releases. Several researchers, working independently, discovered possible encryption-related vulnerabilities. Low-risk XSS vulnerabilities limited to the administration area were also reported. We thank the following individuals for reporting these issues: James 'albino' Kettle, George Argyros & Aggelos Kiayias, and Emanuel Bronshtein. They will be receiving bounties for these issues. Read our Bounties page for details and how to submit any security issues you find. The CVE id for these issues is CVE-2012-1113.
We recommend that all users of Gallery 2 and Gallery 3 upgrade as soon as possible.
» 23 comments | Read more
