• Update September 27th, 2009: Another vulnerability was found in 0.3.5. Please upgrade to 0.3.6. The download link in this post has been updated.

This release has fixed a directory traversal vulnerability and has some speed improvements (~15% on my development server).

Here is the changelog:

• Renamed index.php to example.php.
• Fixed directory traversal vulnerability. Fixed by bc.
• *_sort_order options need different values. See example.php for information.
• Some small optimizations (e.g. scandir instead of readdir).
• Removed the filesize_limit option. This slowsdown everything and a user should be able to check his/her photos or other images before he puts them online.
• Fixed directory traversal vulnerability (again). Reported by Secunia Research.

The latest release can be downloaded from the downloads page on Github.