-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 30 Nov 2008 11:12:34 +0100 Source: gallery Binary: gallery Architecture: source all Version: 1.5.9-1.2 Distribution: unstable Urgency: high Maintainer: Michael C. Schultheiss <schultmc@debian.org> Changed-By: Nico Golde <nion@debian.org> Description: gallery - a web-based photo album written in php Closes: 506824 Changes: gallery (1.5.9-1.2) unstable; urgency=high . * Non-maintainer upload by the Security Team. * Fix insecure usage of superglobal $_REQUEST by first cleaning it up and then merging $_GET and $_POST into it to it to prevent interfering values set by malicious cookies when register_globals is on (No CVE id yet; Closes: #506824). Checksums-Sha1: b6f51e06c2f599ad49486f72148bf1b03039b176 971 gallery_1.5.9-1.2.dsc ab66569d891aad4e2210cfdad5a183ef4f36f854 21440 gallery_1.5.9-1.2.diff.gz f797e240949a0a866c53ff6f042318a5d570e8c4 2460952 gallery_1.5.9-1.2_all.deb Checksums-Sha256: 6f2f8c07b3ab18658e9a3c66dcfffd2b56c67436a70af1e61a979047d7cf52fc 971 gallery_1.5.9-1.2.dsc a4cfb2466b4a0b4526c3df6c552dfe93fdc5955c1cda88fa1cd213a20ffd24a7 21440 gallery_1.5.9-1.2.diff.gz c2b0a2aa92a5db06fb93265a640ea2c87e83a52699fb851e311f7fe41d8ac8e4 2460952 gallery_1.5.9-1.2_all.deb Files: 507b4f9ef546c34c7f5d73353704c2c0 971 web optional gallery_1.5.9-1.2.dsc 42507a32abbd5195788b0637fa35c059 21440 web optional gallery_1.5.9-1.2.diff.gz 7e8b003964d0bf0010875f0de87296bd 2460952 web optional gallery_1.5.9-1.2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkkyblAACgkQHYflSXNkfP9tQgCgshHOkhB41LVhFIfDME3NGuvg Ko0An0BqX2gltiufYsnAWpOs3ZG7YB12 =rLDn -----END PGP SIGNATURE----- Accepted: gallery_1.5.9-1.2.diff.gz to pool/main/g/gallery/gallery_1.5.9-1.2.diff.gz gallery_1.5.9-1.2.dsc to pool/main/g/gallery/gallery_1.5.9-1.2.dsc gallery_1.5.9-1.2_all.deb to pool/main/g/gallery/gallery_1.5.9-1.2_all.deb
