Synopsis: Moderate: cups security update
Issue date: 2009-04-16
CVE Names: CVE-2009-0163
An integer overflow flaw, leading to a heap-based buffer overflow, was
discovered in the Tagged Image File Format (TIFF) decoding routines used
by the CUPS image-converting filters, "imagetops" and "imagetoraster".
An attacker could create a malicious TIFF file that could, potentially,
execute arbitrary code as the "lp" user if the file was printed.
(CVE-2009-0163)
After installing the update, the cupsd daemon will be restarted
automatically.
SL 3.0.x
SRPMS:
cups-1.1.17-13.3.58.src.rpm
i386:
cups-1.1.17-13.3.58.i386.rpm
cups-devel-1.1.17-13.3.58.i386.rpm
cups-libs-1.1.17-13.3.58.i386.rpm
x86_64:
cups-1.1.17-13.3.58.x86_64.rpm
cups-devel-1.1.17-13.3.58.x86_64.rpm
cups-libs-1.1.17-13.3.58.i386.rpm
cups-libs-1.1.17-13.3.58.x86_64.rpm
-Connie Sieh
-Troy Dawson