SECURITY ISSUES WITH GALLERY?

[souravga]

I have 1.4.17 gallery version. I want to ensure that this version has no spyware or malware. I am getting trojan warnings on my site and my server host has made sure that the account is secure. They want me to ensure that all third party applications are safe to use.

Also, if there are any new upgrades, how can I upgrade without losing any of the data on the gallery?

[Nibbler]

Current version is 1.4.19 and there are update instructions in the documentation.

For cleanup instructions see http://forum.coppermine-gallery.net/index.php/topic,51927.0.html

[souravga]

Thanks. Is there a way I can know what the infected files are? I'm really unsure what files may be infected. As for the coopermine gallery, is that suspectible to attacks...can I assume it is a safe application to use?

[Hein Traag]

1.4.19 is safe to use. Read that article Nibbler point you to, most questions are answered in there.

[souravga]

did the 1.4.17 have malware? I was told that one of the older versions of coppermine was infected. This is the version I am using right now.

[Fabricio Ferrero]

This is the version I am using right now.

But yo have to stop using it inmediatly. There is no *infected* version of Coppermine. You get infected because it was an old version. Don't post anymore, just follow Nibbler's link and do as suggested.

[souravga]

yes that's fine. But when I downloaded it, that was the latest version. If it gets infected simply because it's old, that is bad because I cannot check everyday to see whether there is a new version or not. Is there a way I can be on the mailing list or something?

[Nibbler]

You can subscribe to notifications on the download page and/or subscribe to the announcements board on this forum.

[souravga]

can you please provde me the link? I couldn't find it under announcmenets.

Also, int he installtion of the new upgraded version, it says to not replace the config.php file. I am unsure which they are referring to because I have a config.php file in the cpg1419 folder and another in cpg1419/include/config.php.

Could you please tell me which is the file I need to save?

Thanks,

[François Keller]

you must not overwrite the include/config.inc.php file

[Hein Traag]

To be notified of new topics being posted on any part of the forum you must go to that part (for example the announcements) and click on the Notify button at the top. See screenshot.

[souravga]

should all the other files except config.php in the include folder be replaced? Also, is it ok to upload the config.php file that lies outside in the cpg1419 folder?

Thanks for the help.

[Hein Traag]

Read The Fabulous Manual  http://coppermine-gallery.net/demo/cpg14x/docs/index.htm#14

[Joachim Müller]

This thread is cluttered with replies by the thread starter that clearly show that he hasn't read the docs, nor board rules, not did he use the search. The subject line is crap, there's a lot of thread drift. That's enough misbehaviour for one thread imo. Locking.