Gallery 2.0.2 is now available for download. This release adds no new features. It fixes a minor XSS exploit, a potential information leak and a file disclosure bug in the zipcart module that could allow remote visitors to view sensitive files on your webserver. These security flaws were discovered during an internal security audit of the Gallery 2 code, and there are no known exploits for them in the wild. However we strongly recommend that you upgrade to version 2.0.2 as soon as possible. If you're unable to upgrade right away we recommend that you **disable the zipcart module** until time permits you to upgrade. Please follow our upgrading instructions download and install the latest release.
Upgrade instructions: http://codex.gallery2.org/index.php/Gallery2:Upgrading_to_2.0.x
Download page: http://codex.gallery2.org/index.php/Gallery2:Download