Package: hplip Version: 1.6.10-3 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for hplip.
CVE-2008-2940[0]: | The alert-mailing implementation in HP Linux Imaging and Printing | (HPLIP) 1.6.7 allows local users to gain privileges and send e-mail | messages from the root account via vectors related to the setalerts | message, and lack of validation of the device URI associated with an | event message. CVE-2008-2941[1]: | The hpssd message parser in hpssd.py in HP Linux Imaging and | Printing (HPLIP) 1.6.7 allows local users to cause a denial of | service (process stop) via a crafted packet, as demonstrated by | sending "msg=0" to TCP port 2207. If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2940 http://security-tracker.debian.net/tracker/CVE-2008-2940 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2941 http://security-tracker.debian.net/tracker/CVE-2008-2941 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
