drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in hplip
Name: |
Mangelnde Rechteprüfung in hplip |
|
ID: |
FEDORA-2013-17112 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 18 |
|
Datum: |
Sa, 19. Oktober 2013, 09:59 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 |
|
Applikationen: |
HP Linux Imaging and Printing |
|
Originalnachricht |
Name : hplip Product : Fedora 18 Version : 3.13.9 Release : 2.fc18 URL : http://hplip.sourceforge.net/ Summary : HP Linux Imaging and Printing Project Description : The Hewlett-Packard Linux Imaging and Printing Project provides drivers for HP printers and multi-function peripherals.
------------------------------------------------------------------------------- - Update Information:
This update brings in the latest upstream release and fixes a security issue with the way polkit is used for authentication. ------------------------------------------------------------------------------- - ChangeLog:
* Wed Sep 18 2013 Tim Waugh <twaugh@redhat.com> - 3.13.9-2 - Applied patch to avoid unix-process authorization subject when using polkit as it is racy (bug #1009541, CVE-2013-4325). * Tue Sep 10 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.9-1 - 3.13.9: hplipjs filter removed, several patches applied upstream * Wed Aug 14 2013 Tim Waugh <twaugh@redhat.com> - 3.13.8-2 - Moved hpps filter to hpijs sub-package (bug #996852). - Fixed typo in systemtray.py (bug #991638). * Tue Aug 13 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.8-1 - 3.13.8 * Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.13.7-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Tue Jul 23 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.7-1 - 3.13.7 - Device IDs for CM4540 (bug #968177) and cp4005 (bug #980976). * Mon Jun 24 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.6-2 - add one more arch-specific dependency. * Mon Jun 24 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.6-1 - 3.13.6 - hplip-ipp-accessors.patch merged upstream - /etc/cron.daily/hplip_cron -> /usr/share/hplip/hplip_clean.sh * Wed May 29 2013 Tim Waugh <twaugh@redhat.com> - 3.13.5-2 - Avoid several bugs in createTempFile (bug #925032). * Tue May 14 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.5-1 - 3.13.5 - change udev rule to not add printer queue, just check plugin. * Fri May 10 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.4-3 - Device ID for HP LaserJet 2200 (bug #873123#c8). * Thu Apr 11 2013 Tim Waugh <twaugh@redhat.com> - 3.13.4-2 - Fixed changelog dates. - Device ID for HP LaserJet P1005 (bug #950776). - mark cron job file as config(noreplace) * Tue Apr 9 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.4-1 - 3.13.4 * Fri Mar 15 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.3-3 - Remove unused Requires. * Thu Mar 14 2013 Tim Waugh <twaugh@redhat.com> - 3.13.3-2 - Moved hpfax pipe to /var/run/hplip (bug #917756). * Fri Mar 8 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.3-1 - 3.13.3 * Thu Feb 14 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.2-1 - 3.13.2 * Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.12.11-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild * Tue Jan 22 2013 Jiri Popelka <jpopelka@redhat.com> - 3.12.11-7 - No need to run update-desktop-database (and require desktop-file-utils) because there are no MimeKey lines in the desktop files. * Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 3.12.11-6 - rebuild due to "jpeg8-ABI" feature drop * Fri Jan 18 2013 Jiri Popelka <jpopelka@redhat.com> 3.12.11-5 - Use arch-specific dependencies. - Don't provide private python extension libs. * Wed Jan 16 2013 Jiri Popelka <jpopelka@redhat.com> 3.12.11-4 - hpijs no longer requires net-snmp (bug #376641, bug #895643). * Tue Jan 15 2013 Jiri Popelka <jpopelka@redhat.com> 3.12.11-3 - Use the form of import of PIL that is pillow compatible (bug #895266). * Fri Dec 7 2012 Jiri Popelka <jpopelka@redhat.com> 3.12.11-2 - desktop file: remove deprecated Encoding key and Application category ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1006674 - CVE-2013-4325 hplip: Insecure calling of polkit https://bugzilla.redhat.com/show_bug.cgi?id=1006674 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update hplip' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|