Ubuntu Security Notice USN-708-1
13th January, 2009
hplip vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 7.10
Software description
- hplip
Details
It was discovered that an installation script in the HPLIP package would
change permissions on the hplip config files located in user's home directories.
A local user could exploit this and change permissions on arbitrary files
upon an HPLIP installation or upgrade, which could lead to root privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 7.10:
- hplip 2.7.7.dfsg.1-0ubuntu5.3
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the
necessary changes.