[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2013-1274 -- Oracle hplip

ID: oval:org.secpod.oval:def:1500248Date: (C)2013-11-01   (M)2022-10-10
Class: PATCHFamily: unix




Updated hplip packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from the CVE link in the References section. The hplip packages contain the Hewlett-Packard Linux Imaging and Printing Project , which provides drivers for Hewlett-Packard printers and multi-function peripherals. HPLIP communicated with PolicyKit for authorization via a D-Bus API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies HPLIP to communicate with PolicyKit via a different API that is not vulnerable to the race condition. All users of hplip are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

Platform:
Oracle Linux 6
Product:
hplip
Reference:
ELSA-2013-1274
CVE-2013-4325
CVE    1
CVE-2013-4325
CPE    37
cpe:/a:hp:linux_imaging_and_printing_project:3.13.9
cpe:/a:hp:linux_imaging_and_printing_project:3.12.9
cpe:/a:hp:linux_imaging_and_printing_project:3.13.8
cpe:/a:hp:linux_imaging_and_printing_project:3.12.11
...

© SecPod Technologies