Ubuntu
hplip package

hpijs package update fails: "invalid size" - 2.7.7.dfsg.1-0ubuntu5.1

Bug #301277 reported by DJ Molny
4
Affects Status Importance Assigned to Milestone
hplip (Ubuntu)
New
Undecided
Unassigned

Bug Description

Binary package hint: hpijs

Ubuntu Desktop Edition (7.10 Gutsy) said there is an update that needed to be applied. When I run the Update Manager, the file downloads and then the following error message appears: "W: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/h/hplip/hpijs_2.7.7+2.7.7.dfsg.1-0ubuntu5.1_i386.deb Size mismatch"

The description of this update is:

"Version 2.7.7.dfsg.1-0ubuntu5.1:

  * SECURITY UPDATE: privilege escalation using the hplip alert-mailing
    functionality.
    - debian/patches/91_SECURITY_CVE-2008-2940.dpatch: fix handle_event()
      in hpssd.py to validate device-uri parameter and disable
      handle_setalerts(). This fix alters hplip behaviour by preventing
      users from setting alerts and by moving alert configuration to a
      root-controlled /etc/hp/alerts.conf file.
    - CVE-2008-2940
  * SECURITY UPDATE: denial of service in hpssd message parser.
    - debian/patches/92_SECURITY_CVE-2008-2941.dpatch: fix handle_event()
      in hpssd.py to correctly validate parameters.
    - CVE-2008-2941

Version 2.7.7.dfsg.1-0ubuntu5:

  * SECURITY UPDATE: arbitrary command execution via network
  * Add debian/patches/90_subprocess_replacement: use subprocess instead.
  * References
    https://launchpad.net/bugs/149121
    CVE-2007-5208

Version 2.7.7.dfsg.1-0ubuntu4:

  * debian/55-hpmud.rules: Changed UDEV rules to set owner "lp",
    group "scanner", and permissions 0660 for the /dev/... files, so
    that non-privileged users (not in "lp" group, but in "scanner"
    group) can also access the HP printers. Simply using 0666
    permissions is a security problem (LP: #147369).

Version 2.7.7.dfsg.1-0ubuntu3:

  * debian/rules, debian/55-hpmud.rules:
    Updated UDEV rules for HPLIP to the ones of HPLIP 2.7.9. The current
    rules do not work any more (LP: #147369)

Version 2.7.7.dfsg.1-0ubuntu2:

  * debian/control, debian/hplip.install, debian/hplip-gui.install,
    debian/rules:
    Moved menu entries for the GUI utilities into the new hplip-gui package.
    This package requires python-qt3 and so the menu entries can never appear
    if python-qt3 is not installed. Let the main package (hplip) recommend
    hplip-gui instead of python-qt3 now. Fixes: LP: #67892, LP: #86893,
    LP: #134480, LP: #137168

Version 2.7.7.dfsg.1-0ubuntu1:

  * Modified upstream source tarball: Firmware files for HP LaserJet 1018
    and 1020 removed on HP's request
  * debian/control, debian/rules, debian/hplip-data.install,
    debian/hplip-firmware.install: Removed hplip-firmware binary package.
  * debian/README.Source: Updated packaging documentation
  * debian/hpijs.README.Debian, debian/hpijs.NEWS, debian/hpijs-ppds.NEWS,
    debian/hpijs.1, debian/control: linuxprinting.org -> openprinting.org"

Revision history for this message
DJ Molny (djmolny) wrote : Re: [Bug 301277] Re: hpijs package update fails: "invalid size" - 2.7.7.dfsg.1-0ubuntu5.1

Marc -

Thanks for your attention to this. I just ran an apt-get update /
apt-get upgrade and the problem cleared.

Regards,
DJ

Marc Deslauriers wrote:
> *** This bug is a duplicate of bug 300247 ***
> https://bugs.launchpad.net/bugs/300247
>
> ** This bug has been marked a duplicate of bug 300247
> apt-get upgrade (hplip...) fails on gutsy
>
> ** Visibility changed to: Public
>
> ** This bug is no longer flagged as a security issue
>
>

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.