Today we where informed of a SQL injection for JPhoto. After significant review of this we realized that we made a minor mistake on our part and have pushed through an early release of JPhoto. You can find out more information about the exploit here: Secunia. This version comes with a few bug fixes and some new features which will be explained in a later blog post
To upgrade simply download and install the new version of JPhoto by installing it over the current one that you have, it packaged as an upgrade. If Joomla gives you errors on installing then you have the permissions set incorrectly on your site and you will need to uninstall JPhoto and install it again, just take note of all of the configuration settings!
Thank you for using JPhoto.