[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Photo gallery



Martin Sourada wrote:
Thanks for the info. Looks like the gallery2 would satisfy our needs
pretty good. The only two issues I noticed is the missing integration
with FAS (which might be already in progress, as noted by Ricky), and
easy way to handle images sources (which is not a show-stopper for us,
though it would be nice if we could implement that nicely as well).

I guess we could set-up a test gallery2 implementation on one of our
fedorapeople accounts and if it works well, ask for transferring it to
art.fedoraproject.org here?

We also need to decide if we want to run the software in Fedora Infrastructure.

Searching for CVEs was somewhat hard since gallery is a common name for photo gallery software. I found 5 CVE's against Menalto Gallery this year and 9 last year. There are other CVE's that weren't picked up in my search as they did not identify gallery as "menalto" (I googled and found references...) I'm not sure how this compares to other gallery software but it is less than phpnuke, drupal, and other things that I have been against.

We do not yet have SELinux turned on on our app servers (although lmacken and dwalsh have gotten us much closer recently). I am pretty sure we do have mod_security deployed. Do we feel comfortable with this? What are the alternatives that fit the criteria and are they worse?

-Toshio

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]