[SECURITY] [DLA 775-1] hplip security update

[Ola Lundqvist <opal@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : hplip
Version        : 3.12.6-3.1+deb7u2
CVE ID         : CVE-2015-0839
Debian Bug     : #787353

CVE-2015-0839

  The hplip plugin download function verifies the driver using a
  short-key. This is not secure because it is trivial to
  generate keys with arbitrary key IDs.

For Debian 7 "Wheezy", these problems have been fixed in version
3.12.6-3.1+deb7u2.

We recommend that you upgrade your hplip packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJYaYw1AAoJEF6Q3PqUJodvRQEP/0NQhRcbGqGPKwKwnsR1tgtv
Dc3eHbjvnxB/fYfRkP3cXvkzqc67DCJKXrnHy4lHco7KoyJG1h7ykjmW+ux1eO4O
+KTLf+uFXGG7tVukNGHYRsCvggzQCweubvy/LyAkxGhQri93BG4w0Hlmw9JN35c4
T/SIJJmo3V2rU1+3/q2lcr2QW4UR/arLTmgYPqUpoH+5ka9UZozkgY3l3zkYMWSx
uKhu94muBe3eucUnne5wKbgMH4lXRc1XlZcI7SctTGsxEFzs0idlix0iKb7WFVHu
Y7ffyfnLezJTW5ZFkV0458llEs5H3hEJayoFHEtt8CkJ7GR/eWOrENjfBGNNxNRL
GpEuMZjrSXc5y8HfJw81cyh5uBhv7Tw7wva3GuS8qjP/yPZP8thf6/Pxsb6im1uz
/6vAVq1a3OmqX0WyGLBBWwk2fQrqaXRPm295CzIq4S6eI4pML0i3CGG0tX7aTomu
yjrdzEPG2+DhKctpve6HpAWJz54D99OJRx+/ulZH0ZtgWx+FuGDA4EBg8KYFA1VP
iMLByXU6Brgabyjm+SazeF07ap/mbkccRdG+hYMDFPx/FgFnS/Q81D7aPaJ2fL7x
wjgLINeyx50QA3FuNzaKeoytHrN892BX3cSx4gxqBeVaMonJUdIyX8KWahP2jIcr
A6oQZG0YMOYCExH+85pT
=5uH8
-----END PGP SIGNATURE-----