Synopsis: Low: hplip3 security and bug fix update Issue Date: 2013-01-08 CVE Numbers: CVE-2011-2722 -- It was found that the HP CUPS (Common UNIX Printing System) fax filter in HPLIP created a temporary file in an insecure way. A local attacker could use this flaw to perform a symbolic link attack, overwriting arbitrary files accessible to a process using the fax filter (such as the hp3-sendfax tool). (CVE-2011-2722) This update also fixes the following bug: * Previous modifications of the hplip3 package to allow it to be installed alongside the original hplip package introduced several problems to fax support; for example, the hp-sendfax utility could become unresponsive. These problems have been fixed with this update. -- SL5 x86_64 hpijs3-3.9.8-15.el5.x86_64.rpm hplip3-3.9.8-15.el5.x86_64.rpm hplip3-common-3.9.8-15.el5.x86_64.rpm hplip3-debuginfo-3.9.8-15.el5.x86_64.rpm hplip3-gui-3.9.8-15.el5.x86_64.rpm hplip3-libs-3.9.8-15.el5.x86_64.rpm libsane-hpaio3-3.9.8-15.el5.x86_64.rpm i386 hpijs3-3.9.8-15.el5.i386.rpm hplip3-3.9.8-15.el5.i386.rpm hplip3-common-3.9.8-15.el5.i386.rpm hplip3-debuginfo-3.9.8-15.el5.i386.rpm hplip3-gui-3.9.8-15.el5.i386.rpm hplip3-libs-3.9.8-15.el5.i386.rpm libsane-hpaio3-3.9.8-15.el5.i386.rpm - Scientific Linux Development Team