Format: 1.7
Date: Thu, 20 Nov 2008 09:46:21 -0500
Source: hplip
Binary: hpijs hplip-data hpijs-ppds hplip hplip-doc hplip-gui hplip-dbg
Architecture: amd64_translations amd64
Version: 2.7.7.dfsg.1-0ubuntu5.2
Distribution: gutsy
Urgency: low
Maintainer: Ubuntu/amd64 Build Daemon <buildd@yellow.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 hpijs      - HP Linux Printing and Imaging - gs IJS driver (hpijs)
 hplip      - HP Linux Printing and Imaging System (HPLIP)
 hplip-dbg  - HP Linux Printing and Imaging - debugging information
Changes: 
 hplip (2.7.7.dfsg.1-0ubuntu5.2) gutsy-security; urgency=low
 .
   * SECURITY UPDATE: privilege escalation using the hplip alert-mailing
     functionality.
     - debian/patches/91_SECURITY_CVE-2008-2940.dpatch: fix handle_event()
       in hpssd.py to validate device-uri parameter and disable
       handle_setalerts(). This fix alters hplip behaviour by preventing
       users from setting alerts and by moving alert configuration to a
       root-controlled /etc/hp/alerts.conf file.
     - CVE-2008-2940
   * SECURITY UPDATE: denial of service in hpssd message parser.
     - debian/patches/92_SECURITY_CVE-2008-2941.dpatch: fix handle_event()
       in hpssd.py to correctly validate parameters.
     - CVE-2008-2941
Files: 
 61ed3cf285e21b349791d7338d68942c 165293 raw-translations - hplip_2.7.7.dfsg.1-0ubuntu5.2_amd64_translations.tar.gz
 80a265e7d17338267b3feff153146444 341462 text optional hpijs_2.7.7+2.7.7.dfsg.1-0ubuntu5.2_amd64.deb
 43eb75455ec39ec0c785003b937d3459 302956 utils optional hplip_2.7.7.dfsg.1-0ubuntu5.2_amd64.deb
 712dad65b22a926810c3a8388af52371 769972 utils extra hplip-dbg_2.7.7.dfsg.1-0ubuntu5.2_amd64.deb
Original-Maintainer: Henrique de Moraes Holschuh <hmh@debian.org>