[ubuntu/lucid-security] hplip 3.10.2-2ubuntu2.4 (Accepted)

Marc Deslauriers Mon, 30 Sep 2013 11:32:03 -0700

hplip (3.10.2-2ubuntu2.4) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary file overwrite via temp file vulnerability
    - debian/patches/CVE-2011-2722.dpatch: remove insecure code from
      prnt/hpijs/hpcupsfax.cpp.
    - CVE-2011-2722
  * SECURITY UPDATE: arbitrary file overwrite via temp file vulnerability
    - debian/patches/CVE-2013-0200.dpatch: use unpredictable temp file names
      in prnt/hpcups/HPCupsFilter.cpp, prnt/hpcups/SystemServices.cpp,
      prnt/hpijs/hpijs.cpp.
    - CVE-2013-0200
  * debian/patches/00patch-opts: remove deprecated U option so we can
    manipulate this package in saucy.


Date: 2013-09-27 17:05:16.080526+00:00
Changed-By: Marc Deslauriers <[email protected]>
https://launchpad.net/ubuntu/lucid/+source/hplip/3.10.2-2ubuntu2.4

Sorry, changesfile not available.

-- 
Lucid-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/lucid-changes

[ubuntu/lucid-security] hplip 3.10.2-2ubuntu2.4 (Accepted)

Reply via email to