Subject: | |
From: | |
Reply To: | |
Date: | Fri, 17 Apr 2009 11:31:17 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: cups security update
Issue date: 2009-04-16
CVE Names: CVE-2009-0163
An integer overflow flaw, leading to a heap-based buffer overflow, was
discovered in the Tagged Image File Format (TIFF) decoding routines used
by the CUPS image-converting filters, "imagetops" and "imagetoraster".
An attacker could create a malicious TIFF file that could, potentially,
execute arbitrary code as the "lp" user if the file was printed.
(CVE-2009-0163)
After installing the update, the cupsd daemon will be restarted
automatically.
SL 3.0.x
SRPMS:
cups-1.1.17-13.3.58.src.rpm
i386:
cups-1.1.17-13.3.58.i386.rpm
cups-devel-1.1.17-13.3.58.i386.rpm
cups-libs-1.1.17-13.3.58.i386.rpm
x86_64:
cups-1.1.17-13.3.58.x86_64.rpm
cups-devel-1.1.17-13.3.58.x86_64.rpm
cups-libs-1.1.17-13.3.58.i386.rpm
cups-libs-1.1.17-13.3.58.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|