Synopsis:          Important: hplip security update
Advisory ID:       SLSA-2013:1274-1
Issue Date:        2013-09-19
CVE Numbers:       CVE-2013-4325
--

HPLIP communicated with PolicyKit for authorization via a D-Bus API that
is vulnerable to a race condition. This could lead to intended PolicyKit
authorizations being bypassed. This update modifies HPLIP to communicate
with PolicyKit via a different API that is not vulnerable to the race
condition. (CVE-2013-4325)
--

SL6
  x86_64
    hpijs-3.12.4-4.el6_4.1.x86_64.rpm
    hplip-3.12.4-4.el6_4.1.x86_64.rpm
    hplip-common-3.12.4-4.el6_4.1.x86_64.rpm
    hplip-debuginfo-3.12.4-4.el6_4.1.i686.rpm
    hplip-debuginfo-3.12.4-4.el6_4.1.x86_64.rpm
    hplip-gui-3.12.4-4.el6_4.1.x86_64.rpm
    hplip-libs-3.12.4-4.el6_4.1.i686.rpm
    hplip-libs-3.12.4-4.el6_4.1.x86_64.rpm
    libsane-hpaio-3.12.4-4.el6_4.1.x86_64.rpm
  i386
    hpijs-3.12.4-4.el6_4.1.i686.rpm
    hplip-3.12.4-4.el6_4.1.i686.rpm
    hplip-common-3.12.4-4.el6_4.1.i686.rpm
    hplip-debuginfo-3.12.4-4.el6_4.1.i686.rpm
    hplip-gui-3.12.4-4.el6_4.1.i686.rpm
    hplip-libs-3.12.4-4.el6_4.1.i686.rpm
    libsane-hpaio-3.12.4-4.el6_4.1.i686.rpm

- Scientific Linux Development Team