|
Elders/PU_IAS security updates: hplip, openssl |
|
|
|
hplip security update for 5 Client/Server fixes a flaw in the way hpssd daemon handled user input. On systems with  SELinux turned off this might be used to run arbitrary code as root.
hplip advisory
openssl security update for 5 Client/Server fixes possibly remotely exploitable issues in DTLS support (not used by default), as well as a one byte overflow in SSL_get_shared_ciphers functions (rarely used). Other fixed issues involve possible side-channel attacks that in unlikely scenario might be used to obtain private RSA keys.
openssl advisory
other updates include krb5 bug fix updates for 1/1WS.
|
