Notice if you use Gallery versions 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1
We have discovered a well-hidden but potentially serious security flaw
in these versions of Gallery which can allow a hacker to remotely
exploit your webserver. All Gallery users are *strongly* urged to
upgrade to 1.4.1-pl1 immediately, which fixes this serious problem and
will secure your system.
Thanks to Fred (vrotogel) for quickly alerting us to this issue.
We work tirelessly to make Gallery as robust as possible. However,
since this is not the first time we've encountered such security holes,
the development team has resolved to immediately add a pro-active
security hole detection scheme to our testing phase to assure that all
of our future releases are thoroughly vetted against these specific
Gallery 1.4.1-pl1 can be downloaded from the Gallery Download Page:
-The Gallery Team
Gallery :: Your photos on your website