[26500] in bugtraq
Re: Additional bugs in gallery
daemon@ATHENA.MIT.EDU (Bharat Mediratta)
Thu Aug 1 18:36:52 2002
Message-ID: <097401c23983$ebb23920$0b05000a@firebrand>
From: "Bharat Mediratta" <bharat@menalto.com>
To: <avart@gmx.de>, <gallery-devel@lists.sourceforge.net>
Cc: <bugtraq@securityfocus.com>, <full-disclosure@lists.netsys.com>
Date: Thu, 1 Aug 2002 10:50:22 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
> # And the solution?
> Go to
>
<http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&si
d=50&mode=thread&order=0&
> thold=0> to see how to solve the problem
>
> # Why do you post this problem again?
> Because the author of the announcement on the gallery website said:
> An alternative to doing a full upgrade is to patch the files that contain
> the security fix. This is relativ
> ely easy to do. All you need to do is edit these files:
> errors/configmode.php
> errors/needinit.php
> errors/reconfigure.php
> errors/unconfigured.php
>
> That's not absolutely right...you have to patch the file:
> captionator.php too!
I've updated the website article to include captionator.php.
> Hope it's fixed in new releases :).
This is fixed in CVS today, v1.3.1-cvs-b13 snapshot, and will be
in the final v1.3.1 release that we put out on Friday.
Thanks,
-Bharat
