After the upgrade, when I tried to change some of the configuration on the general page of the site admin interface I get the following error:
[Wed Jul 16 10:15:27 2008] [error] [client 12.34.56.78] ModSecurity: Access denied with code 400 (phase 2). Pattern match "\\\\%(?!$|\\\\W|[0-9a-fA-F]{2}|u[0-9a-fA-F]{4})" at ARGS:g2_form[format][date]. [id "950107"] [msg "URL Encoding Abuse Attack Attempt"] [severity "WARNING"] [hostname "gallery.xxx.com"] [uri "/main.php"] [unique_id "RV41kcaJyggAAFLE6YYAAAAB"]
This looks like there is something wrong with the Date field which was left as the default "%x" (the Time is "%X" and Date/Time is "%c").
Here is the output of System Information:
Gallery version = 2.2.5 core 1.2.0.7
PHP version = 5.2.6 apache2handler
Webserver = Apache/2.2.0 (Fedora)
Database = mysql 5.0.45, lock.system=flock
Toolkits = ArchiveUpload, Exif, Getid3, ImageMagick, NetPBM, SquareThumb, Thumbnail, LinkItemToolkit, Dcraw, Ffmpeg, Gd
Acceleration = none, full/900
Operating system = Linux abc.xxx.com 2.6.24.3-12.fc8 #1 SMP Tue Feb 26 14:58:29 EST 2008 i686
Default theme = matrix
gettext = enabled
Locale = en_US
Browser = Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9) Gecko/2008061712 Fedora/3.0-1.fc9 Firefox/3.0
Rows in GalleryAccessMap table = 77
Rows in GalleryAccessSubscriberMap table = 2169
Rows in GalleryUser table = 4
Rows in GalleryItem table = 2165
Rows in GalleryAlbumItem table = 15
Rows in GalleryCacheMap table = 49