CE4 Gallery, Client Response Gallery Updates

We have released updated versions of CE4 Gallery and CE4 Client Response Gallery. These updates address a potential security exploit in the download.php file handling image downloads. We are not aware of this exploit ever having been abused. In any case, all patched up now. And download.php is the only file changed in this update.

This is the final update for CE4. We will be releasing a complete statement in a forthcoming newsletter.

If you’re still using CE4, then by all means download this update and use it to create future galleries. However, it is likely not worthwhile to spend time updating existing galleries online. Or if you’re keen to spend time updating things, isn’t it time to get on with Backlight? Because that would be an update worth making. Seriously. For serious. I’m sssooo serious. I really am. Back. Light. Backlight. Take back your light. BACKLIGHT!

2 thoughts on “CE4 Gallery, Client Response Gallery Updates”

  1. I, and several others I know, still use your CE3 plugins for our websites.

    Does this security issue affect us too?

    If so, is there going to be a fix available?

    1. CE3 used a different download.php script, so is not impacted by this issue in particular.

      That said, we no longer support CE3. At this point, I really must encourage you to update to Backlight.

Leave a Reply

Your email address will not be published. Required fields are marked *

Lightroom Plugins

We are entirely focused on developing and supporting Backlight, but our older plugins for Lightroom’s Web Module remain available. Get them here.

Friends & Affiliates

LightroomQueen - Lightroom, the missing FAQ

Check out Sendy, a self hosted newsletter web app that lets you send emails 100x cheaper via Amazon SES.