Canonical Closes HPLIP Vulnerabilities in Ubuntu 12.10

A couple of other distributions have been affected by this problem

By on October 3rd, 2013 19:01 GMT

On September 30, Canonical published in a security notice details about HPLIP vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.

According to Canonical, HPLIP could have been made to overwrite files.

For example, it has been discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and Ubuntu 12.10, this should be prevented by the Yama link restrictions..

For a more detailed description of the security problems, you can visit Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the liblcms2-2 package specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart will not be necessary to implement them.

Comments