hplip 0.9.7-4ubuntu1.1 source package in Ubuntu

Changelog

hplip (0.9.7-4ubuntu1.1) dapper-security; urgency=low

  * SECURITY UPDATE: privilege escalation using the hplip alert-mailing
    functionality.
    - debian/patches/70_SECURITY_CVE-2008-2940.dpatch: fix handle_event()
      in hpssd.py to validate device-uri parameter and disable
      handle_setalerts(). This fix alters hplip behaviour by preventing
      users from setting alerts and by moving alert configuration to a
      root-controlled /etc/hp/alerts.conf file.
    - CVE-2008-2940
  * SECURITY UPDATE: denial of service in hpssd message parser.
    - debian/patches/71_SECURITY_CVE-2008-2941.dpatch: fix handle_event()
      in hpssd.py to correctly validate parameters.
    - CVE-2008-2941

 -- Marc Deslauriers <email address hidden>   Tue, 18 Nov 2008 13:39:37 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Dapper
Original maintainer:
Henrique de Moraes Holschuh
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
hplip_0.9.7.orig.tar.gz 9.3 MiB 1aaa494d4297c598dfd85632d55e0942995b44011b580166e5c30df82a749ff6
hplip_0.9.7-4ubuntu1.1.diff.gz 220.9 KiB 4263bcafd26ce3ae1178004caf06fed0af9690d8ba693bb1a24265235dbcaf5b
hplip_0.9.7-4ubuntu1.1.dsc 805 bytes 2d8e7c9d93ffa57bcc8f68650d514896395a506a1c66739d5a59b6569191946e

View changes file

Binary packages built by this source

hpijs: No summary available for hpijs in ubuntu dapper.

No description available for hpijs in ubuntu dapper.

hplip: No summary available for hplip in ubuntu dapper.

No description available for hplip in ubuntu dapper.

hplip-data: No summary available for hplip-data in ubuntu dapper.

No description available for hplip-data in ubuntu dapper.

hplip-ppds: No summary available for hplip-ppds in ubuntu dapper.

No description available for hplip-ppds in ubuntu dapper.