[SECURITY] Fedora 7 Update: hplip-1.7.4a-6.fc7

updates at fedoraproject.org updates at fedoraproject.org
Fri Oct 12 20:02:57 UTC 2007


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-2527
2007-10-12 20:02:48.300459
--------------------------------------------------------------------------------

Name        : hplip
Product     : Fedora 7
Version     : 1.7.4a
Release     : 6.fc7
URL         : http://hplip.sourceforge.net/
Summary     : HP Linux Imaging and Printing Project
Description :
The Hewlett-Packard Linux Imaging and Printing Project provides
drivers for HP printers and multi-function peripherals.

--------------------------------------------------------------------------------
Update Information:

This update fixes a vulnerability in the hpssd daemon.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 12 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-6
- Build requires openssl-devel.
- Applied patch to fix CVE-2007-5208 (bug #329111).
* Tue Oct  9 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-5
- Use raw instead of 1284.4 communication for LJ4000 series (bug #249191).
* Mon Sep 10 2007 Tim Waugh <twaugh at redhat.com>
- Backported cmd_print/cmd_scan traceback fix from 2.7.7 (bug #283291).
* Mon Jul 16 2007 Tim Waugh <twaugh at redhat.com>
- Low ink is a warning condition, not an error.
* Wed Jul 11 2007 Tim Waugh <twaugh at redhat.com>
- Show the HP Toolbox menu entry again.
* Mon Jul  9 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-4
- Read system config when run as root (bug #242974).
* Thu Jun 28 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-3
- Another go at avoiding AVC messages on boot (bug #244205).
* Thu Jun 14 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-2
- Don't try to write a /root/.hplip.conf file when running as a CUPS
  backend (bug #244205).
* Wed Jun 13 2007 Tim Waugh <twaugh at redhat.com> 1.7.4a-1
- Don't put the version in the desktop file; let desktop-file-install do it.
- 1.7.4a.  No longer need marker-supply or faxing-with-low-supplies
  patches.  Cheetah and cherrypy directories no longer shipped in source
  tarball.
* Mon Jun 11 2007 Tim Waugh <twaugh at redhat.com> 1.7.2-13
- Don't ship hp-check (bug #243273).
- Moved hp-setup back to the base package, and put code in
  utils.checkPyQtImport() to check for the gui sub-package as well as
  PyQt (bug #243273).
* Fri Jun  8 2007 Tim Waugh <twaugh at redhat.com>
- Moved hp-setup to the ui package (bug #243273).
* Wed May 30 2007 Tim Waugh <twaugh at redhat.com> 1.7.2-11
- Prevent SELinux audit message from the CUPS backends (bug #241776)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #329111 - CVE-2007-5208 hplip arbitrary command execution [F7]
        https://bugzilla.redhat.com/show_bug.cgi?id=329111
  [ 2 ] CVE-2007-5208
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5208
--------------------------------------------------------------------------------
Updated packages:

2c6dafcf59ea6ad25e4b0f21824e272e15eac490 hplip-gui-1.7.4a-6.fc7.ppc64.rpm
c63a95a36a63c5e67d2e3ae582d6d3390244ab57 hplip-1.7.4a-6.fc7.ppc64.rpm
918acf9691c65c7fb3338719b3ea18b9ec772aef hpijs-1.7.4a-6.fc7.ppc64.rpm
6cbb7cfb4a75f71cdaf8d8ffb286b405e02eecbe hplip-debuginfo-1.7.4a-6.fc7.ppc64.rpm
c1aa00429151f0abd474c7fc769522c973012c5b libsane-hpaio-1.7.4a-6.fc7.ppc64.rpm
6e5d32d1e1166567063137c0a1c0d480cc95b8a0 hplip-1.7.4a-6.fc7.i386.rpm
be5b515d659ca4f2b5f88797afd0676368475d1f hplip-debuginfo-1.7.4a-6.fc7.i386.rpm
924ba1bbe5bbf05e336dbb51062ee277b6c9ead4 libsane-hpaio-1.7.4a-6.fc7.i386.rpm
0c651369df8ab3007999a8b909f3ec447e5718a6 hpijs-1.7.4a-6.fc7.i386.rpm
48551d094070e7efd09fc2bb5d95a0166828187c hplip-gui-1.7.4a-6.fc7.i386.rpm
438742d2769d09d660a06244cdbbc072afbcc22f hplip-gui-1.7.4a-6.fc7.x86_64.rpm
d6fad1250fa848d942d515eb83ca2eba338e1eb2 hplip-1.7.4a-6.fc7.x86_64.rpm
2523f339146023931ca41814ed0fbce16af38ef8 libsane-hpaio-1.7.4a-6.fc7.x86_64.rpm
f96a70070bfc770d82dfccbd9a846ad297972de7 hpijs-1.7.4a-6.fc7.x86_64.rpm
19e9c272ad2755db6a52edc468f2faefa840824d hplip-debuginfo-1.7.4a-6.fc7.x86_64.rpm
d3dc4e6e0ebe963da2e7976e8d081be0197bec1d hpijs-1.7.4a-6.fc7.ppc.rpm
19616ca728fb8c046f94d07c9bff4a02ddb84014 hplip-debuginfo-1.7.4a-6.fc7.ppc.rpm
69951042bee9eaf0f47780386ed4deefc4108030 libsane-hpaio-1.7.4a-6.fc7.ppc.rpm
435b50f8d634bd624d3c8a6b3abb99d5249ec8ee hplip-gui-1.7.4a-6.fc7.ppc.rpm
cb3a3e72f73822cb0d6f107ce22a6bad4daf1bb1 hplip-1.7.4a-6.fc7.ppc.rpm
28dbfa04f0b01e31420d9dd075b5ab5b80ed724b hplip-1.7.4a-6.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update hplip' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list