Pierrick on Piwigo

Piwigo is the open source photo gallery for the web

Piwigo 2.1.3 and vulnerability reporting

Piwigo 2.1.3 was released 6 days ago on September 14th 2010. It brings 2 new languages (فارسی and Latviešu, 28 languages now available), fixes several minor bugs, improves PostgreSQL compatibility but the main reason for releasing was the discovering of a few vulnerabilities.

On Twitter, I often search for “piwigo” related tweets and on September 11th I found several vulnerability reports. This was not cool at all. Vulnerabilities exist and you won’t find any web application 100% free of vulnerabilities. The problem is that from time to time the reporter prefers to make the vulnerability public instead of reporting it to Piwigo team. So please, next time please contact the Piwigo team for vulnerabilities found in Piwigo.

On the other side, Loïc Castel helped us to fix the bug and we publicly thank him for that!

Visit Piwigo download page

Advertisements

Written by plg

September 20, 2010 at 11:55 am

Posted in Miscellaneous

%d bloggers like this: