On Sat, 26 Nov 2011 04:38:19 Moritz Mühlenhoff wrote:
> CVE-2011-2722 itself doesn't warrant a DSA. Could the hplip maintainers
> please fix this through a point update?
> http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-sta
> ble
Moritz and odyx,
Thanks for chasing this do
On Fri, 25 Nov 2011 21:49:57 Didier Raboud wrote:
> Okay, we need to get this done.
>
> Please:
>
> * rename hpijs to printer-driver-hpijs;
> * rename hplip-cups to printer-driver-hpcups;
odyx,
No problems.
> I can provide patches if wanted, but unfortunately, the svn repository
> pointed at b
On Fri, Nov 25, 2011 at 02:04:44PM +0100, Didier Raboud wrote:
> Le vendredi, 25 novembre 2011 12.16:06, Didier Raboud a écrit :
> > >
> > > 2. Insecure tempfile handling:
> > > https://bugzilla.novell.com/show_bug.cgi?id=704608
> > > https://bugs.launchpad.net/hplip/+bug/809904
> > > This is CVE-
On Fri, Nov 25, 2011 at 12:22:24PM +0100, Didier Raboud wrote:
> Le vendredi, 25 novembre 2011 12.16:06, Didier Raboud a écrit :
> > found 635549 3.10.6-2
> > notfound 635549 3.11.10
> > thanks
> >
> > Hi Moritz,
> >
> > Le mardi, 26 juillet 2011 23.07:01, Moritz Muehlenhoff a écrit :
> > > Two s
Dear Release Team,
after taking a closer look to #635549 and an IRC chat with the Security
people, I propose to upload hplip to stable with the following changelog
entry:
hplip (3.10.6-2+squeeze0) stable; urgency=low
* Fix CVE-2011-2722 "Insecure tempfile handling" by patching t
Le vendredi, 25 novembre 2011 12.22:24, Didier Raboud a écrit :
> > Le mardi, 26 juillet 2011 23.07:01, Moritz Muehlenhoff a écrit :
> > >
> > > 1. Shell command injection in foomatic-rip-hplip:
> > > https://bugzilla.novell.com/show_bug.cgi?id=698451
> > > This is CVE-2011-2697
> >
> > As far as
Le vendredi, 25 novembre 2011 12.16:06, Didier Raboud a écrit :
> >
> > 2. Insecure tempfile handling:
> > https://bugzilla.novell.com/show_bug.cgi?id=704608
> > https://bugs.launchpad.net/hplip/+bug/809904
> > This is CVE-2011-2722
>
> This seems to be fixed in 3.11.10, hence again, only stable
Package: hplip
Version: 3.11.10-1
File: /usr/bin/hp-plugin
Severity: important
I have a LaserJet 1018 printer which requires a firmware upload before
functioning. The hp-plugin downloaded this firmware and also installed udev
rules to upload it, but those rules do not work:
Nov 25 13:23:00 walla
Your message dated Fri, 25 Nov 2011 13:23:10 +0100
with message-id <20251323.19384.o...@debian.org>
and subject line Re: #635549: Two hplip security issues
has caused the Debian Bug report #635549,
regarding Two security issues
to be marked as done.
This means that you claim that the problem h
Processing commands for cont...@bugs.debian.org:
> found 635549 3.10.6-2
Bug #635549 [hplip] Two security issues
Bug Marked as found in versions hplip/3.10.6-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
635549: http://bugs.debian.org/cgi-bin/bugreport.cgi?bu
Le vendredi, 25 novembre 2011 12.16:06, Didier Raboud a écrit :
> found 635549 3.10.6-2
> notfound 635549 3.11.10
> thanks
>
> Hi Moritz,
>
> Le mardi, 26 juillet 2011 23.07:01, Moritz Muehlenhoff a écrit :
> > Two security issues have been reported in hplip:
> >
> > 1. Shell command injection i
found 635549 3.10.6-2
notfound 635549 3.11.10
thanks
Hi Moritz,
Le mardi, 26 juillet 2011 23.07:01, Moritz Muehlenhoff a écrit :
>
> Two security issues have been reported in hplip:
>
> 1. Shell command injection in foomatic-rip-hplip:
> https://bugzilla.novell.com/show_bug.cgi?id=698451
> This
Source: hplip
Version: 3.11.10-1
Severity: important
Le vendredi, 4 novembre 2011 13.26:15, Didier Raboud a écrit :
> Till Kamppeter wrote:
> > The PostScript printer PPDs are also a driver package, for the
> > PostScript printers. Therefore the PPDs must get into a
> > printer-driver-... package,
13 matches
Mail list logo
