LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: August 25th, 2014
Linux Advisory Watch: August 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora 7 Update: hplip-1.7.4a-6.fc7 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This update fixes a vulnerability in the hpssd daemon.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2527
2007-10-12 20:02:48.300459
--------------------------------------------------------------------------------

Name        : hplip
Product     : Fedora 7
Version     : 1.7.4a
Release     : 6.fc7
URL         : http://hplip.sourceforge.net/
Summary     : HP Linux Imaging and Printing Project
Description :
The Hewlett-Packard Linux Imaging and Printing Project provides
drivers for HP printers and multi-function peripherals.

--------------------------------------------------------------------------------
Update Information:

This update fixes a vulnerability in the hpssd daemon.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 12 2007 Tim Waugh  1.7.4a-6
- Build requires openssl-devel.
- Applied patch to fix CVE-2007-5208 (bug #329111).
* Tue Oct  9 2007 Tim Waugh  1.7.4a-5
- Use raw instead of 1284.4 communication for LJ4000 series (bug #249191).
* Mon Sep 10 2007 Tim Waugh 
- Backported cmd_print/cmd_scan traceback fix from 2.7.7 (bug #283291).
* Mon Jul 16 2007 Tim Waugh 
- Low ink is a warning condition, not an error.
* Wed Jul 11 2007 Tim Waugh 
- Show the HP Toolbox menu entry again.
* Mon Jul  9 2007 Tim Waugh  1.7.4a-4
- Read system config when run as root (bug #242974).
* Thu Jun 28 2007 Tim Waugh  1.7.4a-3
- Another go at avoiding AVC messages on boot (bug #244205).
* Thu Jun 14 2007 Tim Waugh  1.7.4a-2
- Don't try to write a /root/.hplip.conf file when running as a CUPS
  backend (bug #244205).
* Wed Jun 13 2007 Tim Waugh  1.7.4a-1
- Don't put the version in the desktop file; let desktop-file-install do it.
- 1.7.4a.  No longer need marker-supply or faxing-with-low-supplies
  patches.  Cheetah and cherrypy directories no longer shipped in source
  tarball.
* Mon Jun 11 2007 Tim Waugh  1.7.2-13
- Don't ship hp-check (bug #243273).
- Moved hp-setup back to the base package, and put code in
  utils.checkPyQtImport() to check for the gui sub-package as well as
  PyQt (bug #243273).
* Fri Jun  8 2007 Tim Waugh 
- Moved hp-setup to the ui package (bug #243273).
* Wed May 30 2007 Tim Waugh  1.7.2-11
- Prevent SELinux audit message from the CUPS backends (bug #241776)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #329111 - CVE-2007-5208 hplip arbitrary command execution [F7]
        https://bugzilla.redhat.com/show_bug.cgi?id=329111
  [ 2 ] CVE-2007-5208
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5208
--------------------------------------------------------------------------------
Updated packages:

2c6dafcf59ea6ad25e4b0f21824e272e15eac490 hplip-gui-1.7.4a-6.fc7.ppc64.rpm
c63a95a36a63c5e67d2e3ae582d6d3390244ab57 hplip-1.7.4a-6.fc7.ppc64.rpm
918acf9691c65c7fb3338719b3ea18b9ec772aef hpijs-1.7.4a-6.fc7.ppc64.rpm
6cbb7cfb4a75f71cdaf8d8ffb286b405e02eecbe hplip-debuginfo-1.7.4a-6.fc7.ppc64.rpm
c1aa00429151f0abd474c7fc769522c973012c5b libsane-hpaio-1.7.4a-6.fc7.ppc64.rpm
6e5d32d1e1166567063137c0a1c0d480cc95b8a0 hplip-1.7.4a-6.fc7.i386.rpm
be5b515d659ca4f2b5f88797afd0676368475d1f hplip-debuginfo-1.7.4a-6.fc7.i386.rpm
924ba1bbe5bbf05e336dbb51062ee277b6c9ead4 libsane-hpaio-1.7.4a-6.fc7.i386.rpm
0c651369df8ab3007999a8b909f3ec447e5718a6 hpijs-1.7.4a-6.fc7.i386.rpm
48551d094070e7efd09fc2bb5d95a0166828187c hplip-gui-1.7.4a-6.fc7.i386.rpm
438742d2769d09d660a06244cdbbc072afbcc22f hplip-gui-1.7.4a-6.fc7.x86_64.rpm
d6fad1250fa848d942d515eb83ca2eba338e1eb2 hplip-1.7.4a-6.fc7.x86_64.rpm
2523f339146023931ca41814ed0fbce16af38ef8 libsane-hpaio-1.7.4a-6.fc7.x86_64.rpm
f96a70070bfc770d82dfccbd9a846ad297972de7 hpijs-1.7.4a-6.fc7.x86_64.rpm
19e9c272ad2755db6a52edc468f2faefa840824d hplip-debuginfo-1.7.4a-6.fc7.x86_64.rpm
d3dc4e6e0ebe963da2e7976e8d081be0197bec1d hpijs-1.7.4a-6.fc7.ppc.rpm
19616ca728fb8c046f94d07c9bff4a02ddb84014 hplip-debuginfo-1.7.4a-6.fc7.ppc.rpm
69951042bee9eaf0f47780386ed4deefc4108030 libsane-hpaio-1.7.4a-6.fc7.ppc.rpm
435b50f8d634bd624d3c8a6b3abb99d5249ec8ee hplip-gui-1.7.4a-6.fc7.ppc.rpm
cb3a3e72f73822cb0d6f107ce22a6bad4daf1bb1 hplip-1.7.4a-6.fc7.ppc.rpm
28dbfa04f0b01e31420d9dd075b5ab5b80ed724b hplip-1.7.4a-6.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update hplip' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.