oss-sec mailing list archives
Re: hplip: security issues in `hpps` program due to fixed /tmp path usage in prnt/hpps/hppsfilter.c
From: Matthias Gerstner <mgerstner () suse de>
Date: Thu, 4 Jan 2024 11:24:46 +0100
On Fri, Nov 17, 2023 at 10:37:04AM +0100, Matthias Gerstner wrote:
There is currently no upstream fix available for this issue and this publication happens after 90 days of attempted coordinated disclosure, but upstream did not react to my report.
I was just informed that upstream release 3.23.12 released on 2023-11-30 silently fixes this issue. The fix is based on the patch that I posted on this list. Best Regards Matthias
Attachment:
signature.asc
Description:
Current thread:
- Re: hplip: security issues in `hpps` program due to fixed /tmp path usage in prnt/hpps/hppsfilter.c Matthias Gerstner (Jan 04)