Sebastian Krahmer reported a security issue was found in polkit (CVE-2013-4288 bz 1002375). It was found that hplip was vulnerable to this issue as well, since it communicated to polkit authority using an unsafe DBUS interface. This issue has been assigned CVE-2013-4325
Created attachment 796256 [details] hplip patch
This is now public: http://www.openwall.com/lists/oss-security/2013/09/18/4
Created hplip tracking bugs for this issue: Affects: fedora-all [bug 1009541]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1274 https://rhn.redhat.com/errata/RHSA-2013-1274.html
hplip-3.13.9-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
hplip-3.13.9-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
hplip-3.13.9-2.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.