CVE-2007-4650: Unauthorised editing of item properties
Bug #163492 reported by
William Grant
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
gallery2 (Debian) |
Fix Released
|
Unknown
|
|||
gallery2 (Fedora) |
Fix Released
|
Critical
|
|||
gallery2 (Gentoo Linux) |
Fix Released
|
Low
|
|||
gallery2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Won't Fix
|
Undecided
|
Unassigned | ||
Edgy |
Won't Fix
|
Undecided
|
Unassigned | ||
Feisty |
Won't Fix
|
Undecided
|
Unassigned | ||
Gutsy |
Won't Fix
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: gallery2
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked items" in WebDAV and (b) Reupload modules.
Dapper -> Gutsy are affected; Hardy was fixed by a Debian sync.
CVE References
Changed in gallery2: | |
status: | New → Fix Released |
assignee: | nobody → fujitsu |
status: | New → In Progress |
assignee: | nobody → fujitsu |
status: | New → In Progress |
assignee: | nobody → fujitsu |
status: | New → In Progress |
Changed in gallery2: | |
assignee: | nobody → fujitsu |
status: | New → In Progress |
Changed in gallery2: | |
status: | Unknown → Fix Released |
Changed in gallery2: | |
status: | Unknown → Fix Released |
Changed in gallery2: | |
status: | In Progress → Triaged |
status: | In Progress → Triaged |
status: | In Progress → Triaged |
status: | In Progress → Triaged |
Changed in gallery2: | |
status: | Unknown → New |
Changed in gallery2: | |
status: | New → Fix Released |
Changed in gallery2 (Ubuntu Gutsy): | |
assignee: | William Grant (wgrant) → nobody |
Changed in gallery2 (Ubuntu Feisty): | |
assignee: | William Grant (wgrant) → nobody |
Changed in gallery2 (Ubuntu Dapper): | |
assignee: | William Grant (wgrant) → nobody |
Changed in gallery2 (Ubuntu Edgy): | |
assignee: | William Grant (wgrant) → nobody |
Changed in gallery2 (Gentoo Linux): | |
importance: | Unknown → Low |
Changed in gallery2 (Fedora): | |
importance: | Unknown → Critical |
To post a comment you must log in.
Description of problem:
gallery 2.2.3 has been released as security update.