[geeklog-users] Geeklog/Gallery Vulnerbility Fix

[Tony Bibbs]

Blah, don't apologize.  Most of us love the integration you have 
provided with Gallery and we are glad you are providing a quick fix.

Vincent Furia wrote:
> All that is required to correct this vulnerbility is to remove the line:
> 
> require_once($GEEKLOG_DIR . '/lib-common.php');
> 
>>From the files User.php and UserDB.php in the gallery\classes\geeklog
> folder.
> 
> The other locations where $GEEKLOG_DIR is found are preceded by an
> "include('config.php');" which eliminates the security risk in those
> areas. (This is because the $GEEKLOG_DIR variable is assigned a value in
> the config.php file overriding any value passed by GET or POST).  It might
> not be a bad idea to check to be sure that $GEEKLOG_DIR is in the
> config.php file (though the integration will not work without its
> presence).
> 
> I'll put together an update which addresses these problems as soon as I
> can (perhaps as soon as this weekend).  By early next year I'll try to
> complete a security audit of the geeklog/gallery integration code to try
> to eliminate all security problems.
> 
> I appologize to those affected by this problem and I hope that not many
> machines were compromised as result of this problem.  I don't know how
> long this vulerbility has been in the code, but it has been there for more
> than a year (since before I began to work on the integration).
> 
> -Vinny
> _______________________________________________
> geeklog-users mailing list
> geeklog-users at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-users