A security hole, which allows for arbitrary code execution, has been recently discovered in the Snoopy web client library, which is bundled with Gregarius.
Only Gregarius installations which are publicly accessible on the Internet, and whose administration area is not password-protected are affected, but to avoid unnecessary risk Gregarius 0.5.2 has been re-released with a fix for this security hole. You are strongly encouraged to upgrade your installation.
You should either:
Download the updated release from sourceforge.net: make sure you download either of rss-0.5.2a.tar.gz or rss-0.5.2a.zip, or:
Replace the rss/extlib/Snoopy.inc.php file with the fixed version, or:
Upgrade your installation using a nightly build.
We apologize for the inconvenience :)