Release Notes: This release fixes critical security issues. No new features have been added. Users of all previous Gallery 2 versions are strongly encouraged to upgrade to this version as soon as possible. Since this is a security release, it shares the same installation requirements as 2.2.5. If you haven't upgraded to 2.2.x yet, please review the Gallery 2.2 release notes for highlights of changes and the requirements.
Release Notes: This release fixes many security issues, some serious. It also resolves a handful of bugs and has some reorganization of the internal API. It is strongly recommended that all users of 1.5.7 and earlier upgrade.
Release Notes: This release comes with some great new features (e.g. Group Support and CAPTCHA), but contains incompatible changes with older versions of Gallery 1.
Release Notes: This release fixes critical security issues. No new features have been added.
No changes have been submitted for this release.
Release Notes: This release addresses the following security vulnerabilities: unauthorized renaming of items with WebDAV, unauthorized modification and retrieval of item properties with WebDAV, unauthorized locking and replacing of items with WebDAV, and unauthorized editing of data files via linked items with Reupload and WebDAV.
Release Notes: This release adds no new features. It fixes minor information leakage in Gallery 2.1 and 2.1.1a, and a major session ID disclosure in all versions prior to Gallery 2.1. Note that these flaws only affect installations where Gallery's storage folder is accessible directly from the Web, which is strongly discouraged during the installation process.
Release Notes: This release fixes a local file inclusion exploit in the upgrade and installation code.
Release Notes: This version fixes a file disclosure bug in the zipcart module, a potential information disclosure bug in the installer code, and a minor potential XSS exploit in the add-images-from-the-web code.
Release Notes: An input validation issue that could lead to remote file access on the Web server was fixed.