The remote host is missing an update to cups announced via advisory FEDORA-2009-11314.

Apply the appropriate updates. This update can be installed with the yum update program. Use su -c 'yum update cups' at the command line. For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/. https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-11314

Update Information: New release, including fix for XSS vulnerability in web interface (CVE-2009-2820) and for improper reference counting in abstract file descriptors handling interface (CVE-2009-3553). ChangeLog: * Thu Nov 19 2009 Tim Waugh 1:1.4.2-7 - Applied patch to fix CVE-2009-3553 (bug #530111, STR #3200). * Tue Nov 17 2009 Tim Waugh 1:1.4.2-6 - Fixed display of current driver (bug #537182, STR #3418). - Fixed out-of-memory handling when loading jobs (bug #538054, STR #3407). * Mon Nov 16 2009 Tim Waugh 1:1.4.2-5 - Fixed typo in admin web template (bug #537884, STR #3403). - Reset SIGPIPE handler for child processes (bug #537886, STR #3399). * Mon Nov 16 2009 Tim Waugh 1:1.4.2-4 - Upstream fix for GNU TLS error handling bug (bug #537883, STR #3381). * Wed Nov 11 2009 Jiri Popelka 1:1.4.2-3 - Fixed lspp-patch to avoid memory leak (bug #536741). * Tue Nov 10 2009 Tim Waugh 1:1.4.2-2 - Added explicit version dependency on cups-libs to cups-lpd (bug #502205). * Tue Nov 10 2009 Tim Waugh 1:1.4.2-1 - 1.4.2. No longer need str3380, str3332, str3356, str3396 patches. - Removed postscript.ppd.gz (bug #533371). - Renumbered patches and sources.

• https://bugzilla.redhat.com/show_bug.cgi?id=529833
• https://bugzilla.redhat.com/show_bug.cgi?id=530111

---

Updated on 2015-03-25