Gallery 1.4.4-pl5 Security Release

Several days ago, Rafel Ivgi informed us of a possible cross site scripting (definition) problem in current versions of Gallery. The problem and some similar problems discovered by our team has been addressed in Gallery 2 CVS as well as in this release of 1.4.4-pl5.

As with most other cross site scripting problems, No risk is posed to the webserver itself or any non-Gallery data, but a Gallery install could be compromised using appropriate code.

In addition to the security fix, Gallery 1.4.4-pl5 uses the proper parameters for new versions of ImageMagick and fixes some small issues with PHP 5.

All Gallery users are strongly urged to upgrade to 1.4.4-pl5 immediately, which fixes this problem and will secure your system.

Gallery 1.4.4-pl5 can be downloaded from the Gallery Download Page.

Submitted by jifl on Wed, 2005-01-26 12:41.

Is there a 1.4.4-pl4 -> 1.4.4-pl5 patchfile ?

Submitted by schultmc on Wed, 2005-01-26 14:57.

Version 1.4.4-pl5-1 of the Debian gallery package was uploaded on Wednesday, January 26, 2005 and should be available in Debian unstable after the archive run completes in the afternoon (EST) of Wednesday, January 26, 2005.

Submitted by ayn on Wed, 2005-01-26 15:48.

I read that ImageMagick parameters were updated, so is this version going to work with older version of ImageMagick? My server runs Debian stable and it's using 5.4.4.5. thanks!

Submitted by ckdake on Wed, 2005-01-26 16:27.

Gallery now works properly with both older and newer versions of ImageMagick

Submitted by mandebooks on Wed, 2005-01-26 20:47.

hi, 
 
i just installed the new version. now when i upload pics (via the form upload or the iphoto plugin) they don't display. the verison that was avaialble January 24th worked just fine - whats up?

Submitted by shokk on Thu, 2005-01-27 01:15.

For now, use this... 
<a href="http://www.shokk.com/gallery1.4.4-pl4_1.4.4-pl5.patch">http://www.shokk.com/gallery1.4.4-pl4_1.4.4-pl5.patch</a>

Submitted by trakman on Thu, 2005-01-27 05:32.

I'm running FreeBSD and am fairly new to things. 
I've tried updating my ports collection and it can only see 'gallery-1.4.4.4'. Who can I contact to update the ports collection? Or is there another way I can install this new secuity update?

Submitted by dmd on Thu, 2005-01-27 05:51.

How do you apply this? 
 
I tried patch -p1 -i gallery1.4.4-pl4_1.4.4-pl5.patch and that didn't work... 
Hmm... Looks like a normal diff to me... 
can't find file to patch at input line 2 
Perhaps you used the wrong -p or --strip option? 
 
 
I tried a bunch of different values for -p, and I was doing this from within the Gallery directory.

Submitted by ckdake on Thu, 2005-01-27 13:33.

Please use one of our support channels to resolve this, preferably the forums avaliable in the "Support" section on the left of this website.

Submitted by plam on Thu, 2005-01-27 16:06.

</pre> 
- </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.c.37"></a><a name="id2586070"></a>C.37.</td><td align="left" valign="top"> 
+ </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.c.37"></a><a name="id2516632"></a>C.37.</td><td align="left" valign="top"> 
I've forgotten my admin password! How can I reset it? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"> 
Resetting your admin password is easy; just rerun the <a href="gallery1-install.config-wizard.html" title="The Configuration Wizard"> 
configuration wizard</a> and specify a new password on step 2. 
- </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.c.38"></a><a name="id2586232"></a>C.38.</td><td align="left" valign="top"> 
+ </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.c.38"></a><a name="id2516664"></a>C.38.</td><td align="left" valign="top"> 
Why are my picture frames screwed up? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"> 
If you have a file called gallery/css/embedded_style.css (ie 
diff -ru gallery-1.4.4-pl4/docs/g1package/gallery1-install.faq.d.html gallery-1.4.4-pl5/docs/g1package/gallery1-install.faq.d.html 
--- gallery-1.4.4-pl4/docs/g1package/gallery1-install.faq.d.html 2004-11-03 14:32:16.000000000 -0500 
+++ gallery-1.4.4-pl5/docs/g1package/gallery1-install.faq.d.html 2005-01-26 06:44:37.000000000 -0500 
@@ -8,7 +8,7 @@ 
(comment, images, etc..)? 
</a></dt><dt>D.4. <a href="gallery1-install.faq.d.html#gallery1-install.faq.d.4"> 
Something went wrong, it's not working! What do I do? 
- </a></dt></dl></td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.1"></a><a name="id2586422"></a>D.1.</td><td align="left" valign="top"> 
+ </a></dt></dl></td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.1"></a><a name="id2516743"></a>D.1.</td><td align="left" valign="top"> 
How can I migrate my Gallery from one host to another? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"><div class="warning" ><h3 class="title">Warning</h3> 
If you are moving between a Windows and non-Windows host, please 
@@ -52,14 +52,14 @@ 
the albums directory you just uploaded, not a blank directory, as you 
would on a clean install of Gallery. After you secure Gallery, all your 
data should show up intact! 
- </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.2"></a><a name="id2586556"></a>D.2.</td><td align="left" valign="top"> 
+ </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.2"></a><a name="id2516860"></a>D.2.</td><td align="left" valign="top"> 
Why do I get this error after migration: <tt class="literal">Warning: fopen 
('.../albums/foo/album.dat.lock', 'a+')</tt>? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"> 
This is caused by not recursively chmodding the new albums directory 0777. 
See FAQ <a href="gallery1-install.faq.c.html#gallery1-install.faq.c.15">C.15</a> for information 
on how to fix this. 
- </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.3"></a><a name="id2586588"></a>D.3.</td><td align="left" valign="top"> 
+ </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.3"></a><a name="id2516898"></a>D.3.</td><td align="left" valign="top"> 
Will moving my Gallery to another host cause me to lose data 
(comment, images, etc..)? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"> 
@@ -67,7 +67,7 @@ 
</a>, there should be no lose of data whatsoever. However, because of Murphy's 
law, it's a good idea not to delete your albums directory on your old host before 
you know everything is working on the new host. 
- </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.4"></a><a name="id2586613"></a>D.4.</td><td align="left" valign="top"> 
+ </td></tr><tr class="question"><td align="left" valign="top"><a name="gallery1-install.faq.d.4"></a><a name="id2516933"></a>D.4.</td><td align="left" valign="top"> 
Something went wrong, it's not working! What do I do? 
</td></tr><tr class="answer"><td align="left" valign="top"></td><td align="left" valign="top"> 
First, try again. Make sure you follow all the instructions in 
diff -ru gallery-1.4.4-pl4/docs/g1package/index.html gallery-1.4.4-pl5/docs/g1package/index.html 
--- gallery-1.4.4-pl4/docs/g1package/index.html 2004-11-03 14:32:19.000000000 -0500 
+++ gallery-1.4.4-pl5/docs/g1package/index.html 2005-01-26 06:44:41.000000000 -0500 
@@ -2,5 +2,5 @@ 
This guide is distributed under the terms of the <a href="http://www.gnu.org/licenses/gpl.txt" target="_top"> 
GNU General Public License</a>. 
</div></div></div><div></div><hr></div><div class="toc">Table of Contents<dl><dt><a href="preface.html">Preface</a></dt><dt><a href="gallery1-install.html">1. Gallery 1.x Installation Guide</a></dt><dd><dl><dt><a href="gallery1-install.overview.html">Overview</a></dt><dt><a href="gallery1-install.features.html">Features</a></dt><dt><a href="gallery1-install.credits.html">Credits</a></dt><dt><a href="gallery1-install.requirements.html">Installation Requirements</a></dt><dt><a href="gallery1-install.unix-ftp.html">Installing on a Unix/Linux Server with FTP</a></dt><dt><a href="gallery1-install.unix-shell.html">Installing on a Unix/Linux Server with Shell Access</a></dt><dt><a href="gallery1-install.windows.html">Installing on a Windows Server (Apache)</a></dt><dt><a href="gallery1-install.windows-iis.html">Installing on a Windows Server (IIS)</a></dt><dt><a href="gallery1-install.upgrade.html">Upgrading a Previous Gallery Installation</a></dt><dt><a href="gallery1-install.help.html">Getting Additional Help</a></dt><dt><a href="gallery1-install.required-programs.html">Installing Required Programs</a></dt><dt><a href="gallery1-install.remote-applets.html">Installing (or updating) Gallery Remote Applets</a></dt><dt><a href="gallery1-install.language-packs.html">Installing Language Packs</a></dt><dt><a href="gallery1-install.config-wizard.html">The Configuration Wizard</a></dt><dt><a href="gallery1-install.faq.html">Frequently Asked Questions</a></dt></dl></dd><dt><a href="gallery1-admin.html">2. Gallery 1.x Administration Guide</a></dt><dd><dl><dt><a href="gallery1-admin.basics.html">Basics</a></dt><dt><a href="gallery1-admin.users.html">Users and Permissions</a></dt><dt><a href="gallery1-admin.embedding.html">Embedding Gallery</a></dt><dt><a href="gallery1-admin.securing.html">Securing Gallery</a></dt><dt><a href="gallery1-admin.backup.html">Backup and Restore</a></dt><dt><a href="gallery1-admin.offline.html">Creating an Offline Copy</a></dt><dt><a href="gallery1-admin.patching.html">Patching your Gallery</a></dt><dt><a href="gallery1-admin.mirroring.html">Mirroring Gallery</a></dt></dl></dd><dt><a href="gallery1-user.html">3. Gallery 1.x User's Guide</a></dt><dd><dl><dt><a href="gallery1-user.import.html">Importing into gallery</a></dt><dt><a href="gallery1-user.watermark.html">Watermarking</a></dt></dl></dd></dl></div> 
- Documentation last generated on: Wed Nov 3 11:32:08 PST 2004 
+ Documentation last generated on: Wed Jan 26 06:44:25 EST 2005 
</div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> </td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> </td></tr></table></div></body></html> 
diff -ru gallery-1.4.4-pl4/login.php gallery-1.4.4-pl5/login.php 
--- gallery-1.4.4-pl4/login.php 2004-05-20 18:06:03.000000000 -0400 
+++ gallery-1.4.4-pl5/login.php 2005-01-25 00:40:50.000000000 -0500 
@@ -17,7 +17,7 @@ 
* along with this program; if not, write to the Free Software 
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
* 
- * $Id: login.php,v 1.51 2004/05/20 22:06:03 cryptographite Exp $ 
+ * $Id: login.php,v 1.51.2.1 2005/01/25 05:40:50 cryptographite Exp $ 
*/ 
?> 
<?php 
@@ -27,8 +27,11 @@ 
// Security check. 
if (!isset($username)) { 
$username=""; 
+} else { 
+ /* decode user data, remove tags, and then re-encode using html entities for safe page display */ 
+ $username = htmlspecialchars(removeTags(urldecode($username))); 
} 
-$username = removeTags($username); 
+ 
doctype(); 
?> 
 
diff -ru gallery-1.4.4-pl4/search.php gallery-1.4.4-pl5/search.php 
--- gallery-1.4.4-pl4/search.php 2004-07-10 00:04:03.000000000 -0400 
+++ gallery-1.4.4-pl5/search.php 2005-01-25 00:40:50.000000000 -0500 
@@ -17,7 +17,7 @@ 
* along with this program; if not, write to the Free Software 
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
* 
- * $Id: search.php,v 1.61 2004/07/10 04:04:03 cryptographite Exp $ 
+ * $Id: search.php,v 1.61.2.1 2005/01/25 05:40:50 cryptographite Exp $ 
*/ 
?> 
<?php 
@@ -47,8 +47,11 @@ 
 
if (!isset($searchstring)) { 
$searchstring=""; 
+} else { 
+ /* urldecode, remove tags, and then encode htmlspecial chars to make string display-safe */ 
+ $searchstring = htmlspecialchars(removeTags(urldecode($searchstring))); 
} 
-$searchstring = removeTags($searchstring); 
+ 
if ($searchstring) { 
echo makeFormIntro("search.php"); 
?> 
diff -ru gallery-1.4.4-pl4/setup/.htaccess gallery-1.4.4-pl5/setup/.htaccess 
--- gallery-1.4.4-pl4/setup/.htaccess 2003-10-12 16:57:27.000000000 -0400 
+++ gallery-1.4.4-pl5/setup/.htaccess 2005-01-25 14:54:40.000000000 -0500 
@@ -1,4 +1,4 @@ 
-# $Id: .htaccess,v 1.16 2003/10/12 20:57:27 bharat Exp $ 
+# $Id: .htaccess,v 1.16.10.1 2005/01/25 19:54:40 cryptographite Exp $ 
<IfModule sapi_apache2.c> 
php_value auto_prepend_file ./php_value_ok.php 
php_value magic_quotes_gpc off 
@@ -9,6 +9,11 @@ 
php_value magic_quotes_gpc off 
</IfModule> 
 
+<IfModule mod_php5.c> 
+php_value auto_prepend_file ./php_value_ok.php 
+php_value magic_quotes_gpc off 
+</IfModule> 
+ 
Options +FollowSymLinks 
<IfModule mod_rewrite.c> 
RewriteEngine On 
diff -ru gallery-1.4.4-pl4/util.php gallery-1.4.4-pl5/util.php 
--- gallery-1.4.4-pl4/util.php 2004-08-22 20:41:43.000000000 -0400 
+++ gallery-1.4.4-pl5/util.php 2005-01-25 01:07:15.000000000 -0500 
@@ -17,7 +17,7 @@ 
* along with this program; if not, write to the Free Software 
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
* 
- * $Id: util.php,v 1.410.2.9 2004/08/23 00:41:43 cryptographite Exp $ 
+ * $Id: util.php,v 1.410.2.10 2005/01/25 06:07:15 cryptographite Exp $ 
*/ 
?> 
<?php 
@@ -2354,6 +2354,18 @@ 
return NULL; 
} 
 
+function getImVersion() { 
+ global $gallery; 
+ $version = array(); 
+ 
+ exec($gallery->app->ImPath .'/convert -version', $results); 
+ 
+ $pieces = explode(' ', $results[0]); 
+ $version = $pieces[2]; 
+ 
+ return $version; 
+} 
+ 
function compress_image($src, $out, $target, $quality, $keepProfiles=false) { 
global $gallery; 
 
@@ -2379,15 +2391,30 @@ 
} 
} 
break; 
+ 
case "ImageMagick": 
+ /* we just need the first digit = major version */ 
+ $ImVersion = floor(getImVersion()); 
+ // Set the keepProfiles parameter based on the version 
+ // of ImageMagick being used. 6.0.0 changed the 
+ // parameters again. 
+ if ($ImVersion == '5' && $keepProfiles) { 
+ $keepProfiles = ' +profile \'*\' '; 
+ } elseif ($ImVersion == '6' && $keepProfiles) { 
+ $keepProfiles = ' -strip '; 
+ } else { 
+ $keepProfiles = ''; 
+ } 
+ 
/* Preserve comment, EXIF data if a JPEG if $keepProfiles is set. */ 
$err = exec_wrapper(ImCmd('convert', "-quality $quality " 
. ($target ? "-size ${target}x${target} " : '') 
- . ($keepProfiles ? ' ' : ' +profile \'*\' ') 
+ . $keepProfiles 
. $srcFile 
. ($target ? " -geometry ${target}x${target} " : ' ') 
. $outFile)); 
break; 
+ 
default: 
if (isDebugging()) 
echo " " . _("You have no graphics package configured for use!")." "; 
diff -ru gallery-1.4.4-pl4/Version.php gallery-1.4.4-pl5/Version.php 
--- gallery-1.4.4-pl4/Version.php 2004-11-03 14:10:51.000000000 -0500 
+++ gallery-1.4.4-pl5/Version.php 2005-01-25 18:03:54.000000000 -0500 
@@ -17,7 +17,7 @@ 
* along with this program; if not, write to the Free Software 
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 
* 
- * $Id: Version.php,v 1.972.2.74 2004/11/03 19:10:51 cryptographite Exp $ 
+ * $Id: Version.php,v 1.972.2.79 2005/01/25 23:03:54 ckdake Exp $ 
*/ 
?> 
<?php 
@@ -31,14 +31,14 @@ 
$gallery = new stdClass(); 
} 
 
-$gallery->version = '1.4.4-pl4'; 
+$gallery->version = '1.4.4-pl5'; 
$gallery->config_version = 82; 
$gallery->album_version = 31; 
$gallery->user_version = 5; 
$gallery->url = "http://gallery.sourceforge.net"; 
 
/* do not edit the date!! modified by CVS */ 
-$gallery->last_change=strtotime(substr('$Date: 2004/11/03 19:10:51 $', 7, -1)); 
+$gallery->last_change=strtotime(substr('$Date: 2005/01/25 23:03:54 $', 7, -1)); 
/* 
* PostNuke version info 
*/

Submitted by mombos on Thu, 2005-01-27 18:51.

can we not get a change log list of changed files. 
 
i have some mods on my forum and need to know which files have been updated. 
 
cheers

Submitted by sunchao on Mon, 2005-02-07 14:56.

i meet the same questiong as mandebooks ...

Gallery

Random Image

Licked Photos[go]

Navigation

User login

Support Gallery!

New forum topics

Top feature requests

User Testimonial

Gallery 1.4.4-pl5 Security Release