Please Install the Updated Packages.

The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. Two overflows were discovered in the HP-GL/2-to-PostScript filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code as the &quot lp&quot user if the file is printed. (CVE-2008-0053) A buffer overflow flaw was discovered in the GIF decoding routines used by CUPS image converting filters &quot imagetops&quot and &quot imagetoraster&quot . An attacker could create a malicious GIF file that could possibly execute arbitrary code as the &quot lp&quot user if the file was printed. (CVE-2008-1373) It was discovered that the patch used to address CVE-2004-0888 in CUPS packages in Red Hat Enterprise Linux 3 and 4 did not completely resolve the integer overflow in the &quot pdftops&quot filter on 64-bit platforms. An attacker could create a malicious PDF file that could possibly execute arbitrary code as the &quot lp&quot user if the file was printed. (CVE-2008-1374) All cups users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

cups on CentOS 4

• http://lists.centos.org/pipermail/centos-announce/2008-April/014799.html

---

Updated on 2015-03-25