Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 21 HPLIP Security Advisory: Insecure Binary Verification Fix

fedora
Calendar Grey July 30, 2015
Dist Fedora Esm H88
This patch resolves a vulnerability concerning binary driver validation in hplip. Crucial for Fedora 21 users to implement.
fixes CVE-2015-0839

Summary

The Hewlett-Packard Linux Imaging and Printing Project provides

drivers for HP printers and multi-function peripherals.

Update Information:

fixes CVE-2015-0839

Topics%20covered

Topics Covered

security advisory security update fedora driver fix hplip binary verification insecure issue

Change Log

* Tue Jul 21 2015 Jiri Popelka - 3.14.10-9 - Insecure binary driver verification (CVE-2015-0839, bug #1227253) * Mon Mar 16 2015 Tim Waugh - 3.14.10-8 - Ignore IOError when logging output (bug #712537). * Wed Jan 21 2015 Tim Waugh - 3.14.10-7 - Fixed uses of strncpy throughout. * Wed Jan 14 2015 Tim Waugh - 3.14.10-6 - Requires python3-cups to get postscriptdriver() tags. * Tue Dec 23 2014 Tim Waugh - 3.14.10-5 - Fixed left/right margins for HP DeskJet 990C (LP #1405212). * Tue Nov 4 2014 Tim Waugh - 3.14.10-4 - IEEE 1284 Device ID for HP LaserJet Professional M1132 MFP (bug #1158743 comment #5). - IEEE 1284 Device ID for HP LaserJet Color M451dn (bug #1159380). * Fri Oct 31 2014 Tim Waugh - 3.14.10-3 - Fixed build against libjpeg-turbo 1.3.90. * Fri Oct 31 2014 Tim Waugh - 3.14.10-2 - Fixed incorrect name in function call in makeURI when a parallel port device is used (bug #1159161).

References


[ 1 ] Bug #1227252 - CVE-2015-0839 hplip: hp-plugin verified binary download with short key ID https://bugzilla.redhat.com/show_bug.cgi?id=1227252

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update hplip' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: hplip
Product: Fedora 21
Version: 3.14.10
Release: 9.fc21
URL: https://sourceforge.net/projects/hplip/
Summary: HP Linux Imaging and Printing Project

Topics%20covered

Topics Covered

security advisory security update fedora driver fix hplip binary verification insecure issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here