minimal gallery 0.8.1

Friday, January 18th, 2008

Some hackers found a security vulnerability in my minimal gallery script a few days ago. It consisted of what they call a “transversal attack” and it’s actually dangerous only if your server is not properly configured which shouldn’t be the case with most hosting companies…

But you never know, so I fixed minimal gallery, and while I was at it, I fixed a couple other bugs and I updated the “basic” theme so now it stretches/shrinks to adapt to pictures of different width. I added that feature mainly because I switched from 700px to 900px wide photos on my gallery.

Some of you might notice the pretty significant size increase of the download (a whole 70K now!). It’s because I included jQuery in preparation for some upcoming features… Hopefully coming within the next few months. I’m hoping work will calm down a bit so I’ll have time for personal projects again…

The v.0.8.1 update is recommended for everyone, just make sure you backup your preference file and any template you have customized before!

Filed under: minimal gallery, Updates

Follow comments via RSS feed

Comments on this article

  1. Thanks for a great idea. Free’dom

    Lopi, on 2006.12.13

  2. Thank you!

    Kyoil Kim, on 2006.12.19

  3. Very great!

    angeldevil, on 2007.01.03

  4. This looks nice and simple. I am looking for a clean look and simple content management process. This may be it.

    Phil Glover, on 2007.01.21

  5. I have been looking for something this simple and functional for some time now. I had actually started learning PHP to one day write something if it came to it. thanks!

    Rahim, on 2007.02.10

  6. LET’S TRY IT

    MICHAEL INDERRIEDEN, on 2007.04.26

  7. good

    S, on 2007.05.27

  8. I was just checking to see if there was anything new with Minimal Gallery.

    Thank you for a really nice, concise, elegant tool to display photos fast and easily.

    I’ve been using it for sometime and have been really pleased.

    Doug Folkerts, on 2007.06.10

  9. Regrettably, I havenít been able to spend time on personal projects for a while, Iím just too busy with work. minimal Gallery is not dead though, more like “sleeping beauty” and Iím definitely planning to wake her up with a nice 1.0 kiss in the future.

    I have learned quite a bit in terms of programming since I wrote it, so it should be worth the update whenever it comes out.

    Thanks!

    Yann, on 2007.06.14

  10. download :)

    milos, on 2007.09.21

  11. you’ve done a great job on this. i love it.

    chad, on 2008.01.09

  12. WARNING!!!

    MinimalGallery 0.8 has a security vunerability that has just been published (Jan 13th 2008). I got hit by this, and because I’m not too clued up on Apache security my server was compromised. Basically, if you aren’t properly locked down anyone can view your system files in /etc, including password files.

    The vunerability has been published at http://www.milw0rm.com/author/1220 (nothing to do with me, found it with Google)

    To the author: please patch this ASAP and inform MinimalGallery users of the problem. Thanks!

    Matthew Neighbour, on 2008.01.14

  13. Done. I updated mG to 0.8.1.

    Yann, on 2008.01.17

Leave a comment

HTML is not allowed and will be filtered out. You can use Markdown for formating;
mandatory fields are marked with *