Synopsis: Moderate: cups security update Issue date: 2008-06-04 CVE Names: CVE-2008-1722 An integer overflow flaw leading to a heap buffer overflow was discovered in the Portable Network Graphics (PNG) decoding routines used by the CUPS image converting filters "imagetops" and "imagetoraster". An attacker could create a malicious PNG file that could possibly execute arbitrary code as the "lp" user if the file was printed. (CVE-2008-1722) SL 3.0.x SRPMS: cups-1.1.17-13.3.53.src.rpm i386: cups-1.1.17-13.3.53.i386.rpm cups-devel-1.1.17-13.3.53.i386.rpm cups-libs-1.1.17-13.3.53.i386.rpm x86_64: cups-1.1.17-13.3.53.x86_64.rpm cups-devel-1.1.17-13.3.53.x86_64.rpm cups-libs-1.1.17-13.3.53.i386.rpm cups-libs-1.1.17-13.3.53.x86_64.rpm SL 4.x SRPMS: cups-1.1.22-0.rc1.9.20.2.el4_6.8.src.rpm i386: cups-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-devel-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm x86_64: cups-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm cups-devel-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm SL 5.x SRPMS: cups-1.2.4-11.18.el5_2.1.src.rpm i386: cups-1.2.4-11.18.el5_2.1.i386.rpm cups-devel-1.2.4-11.18.el5_2.1.i386.rpm cups-libs-1.2.4-11.18.el5_2.1.i386.rpm cups-lpd-1.2.4-11.18.el5_2.1.i386.rpm x86_64: cups-1.2.4-11.18.el5_2.1.x86_64.rpm cups-devel-1.2.4-11.18.el5_2.1.i386.rpm cups-devel-1.2.4-11.18.el5_2.1.x86_64.rpm cups-libs-1.2.4-11.18.el5_2.1.i386.rpm cups-libs-1.2.4-11.18.el5_2.1.x86_64.rpm cups-lpd-1.2.4-11.18.el5_2.1.x86_64.rpm -Connie Sieh -Troy Dawson