Bug 21478 - shotwell new security issue CVE-2017-1000024
Summary: shotwell new security issue CVE-2017-1000024
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal major
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-08-09 02:49 CEST by David Walser
Modified: 2017-12-31 16:15 CET

See Also:
Source RPM: shotwell-0.22.1-0.20160310.1.mga5.src.rpm
CVE:
Status comment:



Description David Walser 2017-08-09 02:49:11 CEST
Ubuntu has issued an advisory on August 7:
https://usn.ubuntu.com/usn/usn-3379-1/
Comment 1 Marja Van Waes 2017-08-09 13:41:51 CEST
Assigning to the gnome maintainers, since there is no registered maintainer for this package. Please reassign to all packagers collectively <pkg-bugs@ml.mageia.org>, if that's what I should have done (the package being designed for Gnome, but Gnome not being its upstream).

Assignee: bugsquad => gnome
CC: (none) => jani.valimaa, marja11, olav

Jani Välimaa 2017-09-04 19:04:32 CEST

CC: jani.valimaa => (none)

Comment 2 David Walser 2017-12-29 18:19:40 CET
Update submitted to the build system, which is way behind, so may take a few hours to become available.

Advisory:
========================

Updated shotwell package fixes security vulnerability:

It was discovered that Shotwell is vulnerable to an information disclosure
in the web publishing plugins resulting in potential password and oauth token
plaintext transmission (CVE-2017-1000024).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17439
https://usn.ubuntu.com/usn/usn-3379-1/
========================

Updated packages in core/updates_testing:
========================
shotwell-0.22.1-0.20160310.1.1.mga5

from shotwell-0.22.1-0.20160310.1.1.mga5.src.rpm

Assignee: gnome => qa-bugs

Comment 3 Lewis Smith 2017-12-30 16:07:16 CET
Trying M5/64: shotwell-0.22.1-0.20160310.1.1.mga5
Under KDE.

Using this with a good number of existing imported photos - coincidentally all JPEGs - seemed to work. Everything.
BUT when I tried importing more photos from two directories:
 File -> Import from folder
particularly to add some non-JPG files - complete failure. *Every* file in selected directories was greyed, including legitimate format images like jpg, png, tif. This must have worked in the past for me to have imported Shotwell's existing repertoire.
This is no good for me (unless somebody points out an error in my ways).

CC: (none) => lewyssmith

Lewis Smith 2017-12-30 20:22:04 CET

Keywords: (none) => advisory

Comment 4 Len Lawrence 2017-12-30 23:01:33 CET
I have just been following this up Lewis.  The update went smoothly and the existing library showed up.  For a while I had the same trouble as you - every file was greyed out.  Had a look at the command and noted Import from "folder". Aha.  No individual files.  Maybe there is a way to do that.  Selecting a folder and clicking OK does the job - you get every image.  I tried both 'import in place' and 'copy from folder'; both worked.  Leaving it in your hands.

CC: (none) => tarazed25

Comment 5 Lewis Smith 2017-12-31 12:34:03 CET
(In reply to Len Lawrence from comment #4)
> Leaving it in your hands.
Rotter! But thank you for finding the answer (which I do not like - no individual file selection): the old case of "simple when you know how"; and I *had* read the Help. Our two tests together certainly deserve a good OK.

Whiteboard: (none) => MGA5-64-OK
CC: lewyssmith => (none)

Lewis Smith 2017-12-31 12:50:16 CET

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2017-12-31 16:15:33 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0480.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

