Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Scientific Linux 5.x Low Severity: hplip3 Security Update

Scientific Large Esm H446
Low: hplip3 security and bug fix update
Date: Wed, 16 Jan 2013 16:10:46 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Low: hplip3 on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Low: hplip3 security and bug fix update
Issue Date: 2013-01-08
CVE Numbers: CVE-2011-2722
--

It was found that the HP CUPS (Common UNIX Printing System) fax filter
in HPLIP
created a temporary file in an insecure way. A local attacker could use this
flaw to perform a symbolic link attack, overwriting arbitrary files
accessible
to a process using the fax filter (such as the hp3-sendfax tool).
(CVE-2011-2722)

This update also fixes the following bug:

* Previous modifications of the hplip3 package to allow it to be installed
alongside the original hplip package introduced several problems to fax
support; for example, the hp-sendfax utility could become unresponsive.
These
problems have been fixed with this update.
--

SL5
 x86_64
 hpijs3-3.9.8-15.el5.x86_64.rpm
 hplip3-3.9.8-15.el5.x86_64.rpm
 hplip3-common-3.9.8-15.el5.x86_64.rpm
 hplip3-debuginfo-3.9.8-15.el5.x86_64.rpm
 hplip3-gui-3.9.8-15.el5.x86_64.rpm
 hplip3-libs-3.9.8-15.el5.x86_64.rpm
 libsane-hpaio3-3.9.8-15.el5.x86_64.rpm
 i386
 hpijs3-3.9.8-15.el5.i386.rpm
 hplip3-3.9.8-15.el5.i386.rpm
 hplip3-common-3.9.8-15.el5.i386.rpm
 hplip3-debuginfo-3.9.8-15.el5.i386.rpm
 hplip3-gui-3.9.8-15.el5.i386.rpm
 hplip3-libs-3.9.8-15.el5.i386.rpm
 libsane-hpaio3-3.9.8-15.el5.i386.rpm

- Scientific Linux Development Team
Your message here