From ${URL} : A temporary file handling flaw was found in hplip/pkit.py. Because a predicatable temporary filename is used, an attacker could use a symlink attack to overwrite an arbitrary file with the privileges of the process running hplip. This is a different flaw than CVE-2013-0200. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725876 https://bugzilla.novell.com/show_bug.cgi?id=852368 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
I have bumped hplip to 3.14.1 which should fix the issue. Stabilization for 3.13.9 is currently in the works (bug #484474). I will close this one and open a new one for 3.14.1.
(In reply to Daniel Pielmeier from comment #1) > I have bumped hplip to 3.14.1 which should fix the issue. > Stabilization for 3.13.9 is currently in the works (bug #484474). I will > close this one and open a new one for 3.14.1. If you are stabilizing for security and the bug is fixed in version 3.14.1 we can stabilize as part of this bug when you are ready.
CVE-2013-6402 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6402): base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/hp-pkservice.log temporary file.
Fixed versions have been stabilized. Vulnerable versions have been removed. @ glsa coordinators: Please vote.
Vote: NO.
GLSA Vote: No
