Debian Security Advisory

DLA-775-1 hplip -- LTS security update

Date Reported:
01 Jan 2017
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-0839.
More information:
  • CVE-2015-0839

    The hplip plugin download function verifies the driver using a short-key. This is not secure because it is trivial to generate keys with arbitrary key IDs.

For Debian 7 Wheezy, these problems have been fixed in version 3.12.6-3.1+deb7u2.

We recommend that you upgrade your hplip packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: