1.4.4-pl5 Security Release

BobcatASL

Joined: 2005-01-09
Posts: 46
Posted: Wed, 2005-01-26 13:01

Is there a listing somewhere of which files have changed?

Fairly new user of Gallery ... and I've customized alot of the files to integrate it into the site.

A list of the files that have changed would be helpful ... this would let me compare the files that I have modified .. see if they are on the list or not .. so that I know which files I have to remodify ... or which ones I can still use ....

Thanks

 
kikibig
kikibig's picture

Joined: 2003-01-07
Posts: 18
Posted: Wed, 2005-01-26 15:03

I just tried to download the update an received an "! C:\Documents and Settings\Administrator\My Documents\My Zips\Gallery\gallery-1.4.4-pl5.zip: Unexpected end of archive" warning. Does that mean the download is corrupt, unstable, unusable etc.? Thanks for your help.

 
BobcatASL

Joined: 2005-01-09
Posts: 46
Posted: Wed, 2005-01-26 15:04

I got the same thing .... when I tried to do a open.

Try saving it .. then opening it ... it worked for me ...

 
kikibig
kikibig's picture

Joined: 2003-01-07
Posts: 18
Posted: Wed, 2005-01-26 15:38

I ended up downloading from a Europe site and got the whole file. I tried all of the USA mirror sites, non worked for me :(. But now I have it!!

 
h0bbel
h0bbel's picture

Joined: 2002-07-28
Posts: 13451
Posted: Wed, 2005-01-26 16:20

BobcatASL, check the ChangeLog in the archive.

kikibig and BobcatASL, it takes a while for all the sf.net mirrors to be updated I'm afraid. :)

 
mombos

Joined: 2005-01-04
Posts: 49
Posted: Thu, 2005-01-27 19:22

i may be a little blind but where is the change log? cant find archive

 
h0bbel
h0bbel's picture

Joined: 2002-07-28
Posts: 13451
Posted: Thu, 2005-01-27 20:56

In the main Gallery directory, there should be a ChangeLog file

 
BobcatASL

Joined: 2005-01-09
Posts: 46
Posted: Fri, 2005-01-28 00:21

Below is what I see in the change log ...

What I was hoping for ... what files changed ...
Do I have to start with a clean install of this version and then
go change each file that I have changed to make sure I have
the most current version ??

Sorry ... Haven't been a gallery user long and still trying to get
used to the system. If this is the way it works ... I will make better
notes of what changes I made to what file. As of right now ... all I have
is a directory of the files that I changed ... so backtracking to make
sure I make all the right changes again will take awhile.

My fault for not keeping better track of the changes I made ...

2005-01-25 Chris Kelly <ckdake@users.sf.net> 1.4.4-pl5

* 1.4.4-pl5 Release

2005-1-25 Jay Rossiter <cryptographite@users.sf.net> 1.4.4-pl5-cvs-b3

* Fix: PHP5 added to setup/.htaccess

2005-1-24 Jay Rossiter <cryptographite@users.sf.net> 1.4.4-pl5-cvs-b2

* Fix: ImageMagick 6.0 auto-detection

* Fix: missing "global $gallery;" in AlbumDB could cause warning messages
on PHP5

2005-1-24 Jay Rossiter <cryptographite@users.sf.net> 1.4.4-pl5-cvs-b1

* Fix: Correct unsanitized user-input

 
yellowtailshark

Joined: 2004-10-06
Posts: 4
Posted: Fri, 2005-01-28 01:52

Yeah I often wonder what files were changed too. I guess what you can try is a file-by-file filesize comparison between the latest version against the version you have (from the original package, not the modified files). That way you can detect which files have changed between the two releases. Additionally, each file in the header has its own version value. So if you see a difference in size, you can verify the changes by comparing the versions.

From 1.4.4-pl4, my guess (but don't take my word for it) is that these files were modified:

index.php
init.php
search.php
Version.php
util.php
view_photo.php

 
antjedi

Joined: 2005-01-28
Posts: 5
Posted: Fri, 2005-01-28 02:05
 
fryfrog

Joined: 2002-10-30
Posts: 3236
Posted: Fri, 2005-01-28 02:47

The unix / linux tool "diff" is a great way of seeing differences between files. It can be used with the "patch" utility to (surprize) patch things with the diff you made.

For example, take a look at the file http://fryfrog.com/gallery-1.4.4-pl4.to.gallery-1.4.4-pl5.diff anything with a + is a new line, anything with a - is removed. It could be applied with "patch -p1 < gallery-1.4.4-pl4.to.gallery-1.4.4-pl5.diff" if you wanted. This is how I upgrade between gallery versions so I don't lose my changes.

 
h0bbel
h0bbel's picture

Joined: 2002-07-28
Posts: 13451
Posted: Fri, 2005-01-28 16:44

Also, browsing the cvs tree on http://cvs.sourceforge.net/viewcvs.py/gallery/ might be helpful.

 
forrie

Joined: 2002-08-20
Posts: 69
Posted: Fri, 2005-01-28 19:19

I cannot get "cvs update" to work any longer - what's up?

CVSROOT=:pserver:anonymous@cvs.sourceforge.net:/cvsroot/gallery

Errors:

cvs [update aborted]: end of file from server (consult above messages if any)

This has been a problem for the last 2 or 3 days.

 
h0bbel
h0bbel's picture

Joined: 2002-07-28
Posts: 13451
Posted: Fri, 2005-01-28 19:30

forrie, sf.net anonymous CVS has been unstable and at times unavailable the last few days. They are working on the issue, so the only thing to do is try again later.