drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in HPLIP
| Name: |
Mangelnde Rechteprüfung in HPLIP |
|
| ID: |
USN-1956-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 |
|
| Datum: |
Mi, 18. September 2013, 18:43 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 |
|
| Applikationen: |
HP Linux Imaging and Printing |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============3679534073950777808==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enig48FF06B3631AD6E2ACB24C64"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig48FF06B3631AD6E2ACB24C64
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-1956-1
September 18, 2013
hplip vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
HPLIP could be tricked into bypassing polkit authorizations.
Software Description:
- hplip: HP Linux Printing and Imaging System (HPLIP)
Details:
It was discovered that HPLIP was using polkit in an unsafe manner. A local
attacker could possibly use this issue to bypass intended polkit
authorizations.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
hplip 3.13.3-1ubuntu0.1
Ubuntu 12.10:
hplip 3.12.6-3ubuntu4.1
Ubuntu 12.04 LTS:
hplip 3.12.2-1ubuntu3.2
Ubuntu 10.04 LTS:
hplip 3.10.2-2ubuntu2.3
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1956-1
CVE-2013-4325
Package Information:
https://launchpad.net/ubuntu/+source/hplip/3.13.3-1ubuntu0.1
https://launchpad.net/ubuntu/+source/hplip/3.12.6-3ubuntu4.1
https://launchpad.net/ubuntu/+source/hplip/3.12.2-1ubuntu3.2
https://launchpad.net/ubuntu/+source/hplip/3.10.2-2ubuntu2.3
--------------enig48FF06B3631AD6E2ACB24C64
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJSOcGHAAoJEGVp2FWnRL6TrT4P/RGYRTWRgmFOZksNZlnhfAIk
Qa5Q5ykvknr3XsiW2ihjMRPllrDFGIfneCOGOuys8ixR3zhtb0s224G7z1shOGd3
M7o/0lvMq+TZi5acM2OHj69mFjEfC5USr2y7RzvFpzCRCQdXxxgGPMmeajcRi7uC
SxSqOdzYqAUqhS7yb6pUgDHVQ+2ojXRq9bPEPQxb1XvEavjkzlufBL+kHpiPyZFT
suAbdO2/65FmdHbO5LaEhVVFexmo94SIAvD2LjgbQVLy5esdCZfarj499B+u3QG5
bOkX3qKYF0BoGwmZtC+k+h/yE6ra2LVOKBM+VQYBF52I/bexPW8eAdC1m3yUVkPd
CJQUkj1Vcn6cjqrBVf6zWN3UwG8LuwHnE228NQth8AZuqmoh9n2ypUEr5DotWNVp
sZhKSdSVQPUBwqSMUGFqNtxLJzyfFy8YiBBrH3zdtr0wgdvwpFvsyhkZ8U6r5a2f
4NyZwYR3Yi4Cs6nYpAkrbCOrsdTEV5EVc85PYRHZ5w0W4w+q+7CTScwsPgbPMlF0
V7j6XTHfwhR38Xg4FffMYNHznD5sIj8U6h1UzdPpwpZkGIYXXuEaXHan2mueJkJa
wjMXmvtRgv3S6SANGoD3RLWf3qPd1KV3B7BhAEaGR0K+D43ikCSUKBDq1EwDD9rS
uadVK4gHEchGR7qJ6ZpC
=Ve8O
-----END PGP SIGNATURE-----
--------------enig48FF06B3631AD6E2ACB24C64--
--===============3679534073950777808==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3679534073950777808==--
|
|
|
|
