Summary: | <net-print/hplip-3.11.10 insecure tmp file handling in hpcupsfax.cpp (CVE-2011-2722) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sean Amoss (RETIRED) <ackle> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | billie, calchan, printing |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugs.launchpad.net/hplip/+bug/809904 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 388989 | ||
Bug Blocks: |
Description
Sean Amoss (RETIRED)
2011-10-27 11:14:07 UTC
@maintainers: We do have =net-print/hplip-3.11.10 in tree. Is this ready for stabilization? (In reply to comment #1) > @maintainers: We do have =net-print/hplip-3.11.10 in tree. Is this ready for > stabilization? It is never ready given the fact it supports about 2000 printers so there are always problems with some models and other things. I will open a stabilization request now. (In reply to comment #1) > @maintainers: We do have =net-print/hplip-3.11.10 in tree. Is this ready for > stabilization? It is stabilized now on all required arches >>except ppc64<<. It would be awesome if ppc64 could follow now and stabilize =net-print/hplip-3.11.10, because then this security bug could finally proceed too. ppc64 done Thanks, everyone. GLSA Vote: yes. GLSA vote: yes. Added to existing GLSA request. This issue was resolved and addressed in GLSA 201203-17 at http://security.gentoo.org/glsa/glsa-201203-17.xml by GLSA coordinator Sean Amoss (ackle). |