the Gallery developers about the Gallery 1.4-pl2 security release : "We've been alerted to a security vulnerability in Gallery 1.4 that can allow remote access to your system. It only affects a very small percentage of Unix installations (though it affects all Windows installations). Only the following versions of Gallery have the bug:
* 1.4
* 1.4-pl1
* 1.4.1 (unreleased; prior to build 145)..[...].." more on the gallery-developersite