drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in HPLIP
Name: |
Mangelnde Rechteprüfung in HPLIP |
|
ID: |
USN-1956-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 |
|
Datum: |
Mi, 18. September 2013, 18:43 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4325 |
|
Applikationen: |
HP Linux Imaging and Printing |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============3679534073950777808== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig48FF06B3631AD6E2ACB24C64"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig48FF06B3631AD6E2ACB24C64 Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1956-1 September 18, 2013
hplip vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS
Summary:
HPLIP could be tricked into bypassing polkit authorizations.
Software Description: - hplip: HP Linux Printing and Imaging System (HPLIP)
Details:
It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.04: hplip 3.13.3-1ubuntu0.1
Ubuntu 12.10: hplip 3.12.6-3ubuntu4.1
Ubuntu 12.04 LTS: hplip 3.12.2-1ubuntu3.2
Ubuntu 10.04 LTS: hplip 3.10.2-2ubuntu2.3
After a standard system update you need to reboot your computer to make all the necessary changes.
References: http://www.ubuntu.com/usn/usn-1956-1 CVE-2013-4325
Package Information: https://launchpad.net/ubuntu/+source/hplip/3.13.3-1ubuntu0.1 https://launchpad.net/ubuntu/+source/hplip/3.12.6-3ubuntu4.1 https://launchpad.net/ubuntu/+source/hplip/3.12.2-1ubuntu3.2 https://launchpad.net/ubuntu/+source/hplip/3.10.2-2ubuntu2.3
--------------enig48FF06B3631AD6E2ACB24C64 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJSOcGHAAoJEGVp2FWnRL6TrT4P/RGYRTWRgmFOZksNZlnhfAIk Qa5Q5ykvknr3XsiW2ihjMRPllrDFGIfneCOGOuys8ixR3zhtb0s224G7z1shOGd3 M7o/0lvMq+TZi5acM2OHj69mFjEfC5USr2y7RzvFpzCRCQdXxxgGPMmeajcRi7uC SxSqOdzYqAUqhS7yb6pUgDHVQ+2ojXRq9bPEPQxb1XvEavjkzlufBL+kHpiPyZFT suAbdO2/65FmdHbO5LaEhVVFexmo94SIAvD2LjgbQVLy5esdCZfarj499B+u3QG5 bOkX3qKYF0BoGwmZtC+k+h/yE6ra2LVOKBM+VQYBF52I/bexPW8eAdC1m3yUVkPd CJQUkj1Vcn6cjqrBVf6zWN3UwG8LuwHnE228NQth8AZuqmoh9n2ypUEr5DotWNVp sZhKSdSVQPUBwqSMUGFqNtxLJzyfFy8YiBBrH3zdtr0wgdvwpFvsyhkZ8U6r5a2f 4NyZwYR3Yi4Cs6nYpAkrbCOrsdTEV5EVc85PYRHZ5w0W4w+q+7CTScwsPgbPMlF0 V7j6XTHfwhR38Xg4FffMYNHznD5sIj8U6h1UzdPpwpZkGIYXXuEaXHan2mueJkJa wjMXmvtRgv3S6SANGoD3RLWf3qPd1KV3B7BhAEaGR0K+D43ikCSUKBDq1EwDD9rS uadVK4gHEchGR7qJ6ZpC =Ve8O -----END PGP SIGNATURE-----
--------------enig48FF06B3631AD6E2ACB24C64--
--===============3679534073950777808== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3679534073950777808==--
|
|
|
|