-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 7 Jun 2006 00:02:52 +0000
Source: gallery
Binary: gallery
Architecture: source all
Version: 1.5-1sarge2
Distribution: stable-security
Urgency: high
Maintainer: Michael C. Schultheiss <schultmc@debian.org>
Changed-By: Michael C. Schultheiss <schultmc@debian.org>
Description:
 gallery - a web-based photo album written in php
Changes:
 gallery (1.5-1sarge2) stable-security; urgency=high
 .
   * Fix Cross-site scripting (XSS) vulnerability in Gallery 1.5.1-RC2 and
     earlier that allows remote attackers to inject arbitrary web script or
     HTML via EXIF data, such as the Camera Model Tag
     [util.php, CVE-2005-2734]
   * Fix Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2
     that allows remote attackers to inject arbitrary web script or HTML via
     unknown attack vectors, possibly involving the user name (fullname).
     [register.php, CVE-2006-0330]
   * Fix two file exposure bugs in stats module [stats.php, CVE-2006-4030]
Files:
 f66813dbb5218b6cae62345331e73de0 589 web optional gallery_1.5-1sarge2.dsc
 4f2cb50ce35dcdce2af96dc251ee695f 15917 web optional gallery_1.5-1sarge2.diff.gz
 5fd487a3d9973eb95af4eb4ee85cf545 6570476 web optional gallery_1.5-1sarge2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE2kj4Xm3vHE4uyloRAiq8AJ98Zo8DR98GwRC2pBb/lAR9+1GUDwCfUtpm
VgwdvU7fmejzAY5UMIc3gmM=
=VmZ/
-----END PGP SIGNATURE-----


Accepted:
gallery_1.5-1sarge2.diff.gz
  to pool/main/g/gallery/gallery_1.5-1sarge2.diff.gz
gallery_1.5-1sarge2.dsc
  to pool/main/g/gallery/gallery_1.5-1sarge2.dsc
gallery_1.5-1sarge2_all.deb
  to pool/main/g/gallery/gallery_1.5-1sarge2_all.deb