Please Install the Updated Packages.

The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. Two overflows were discovered in the HP-GL/2-to-PostScript filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code as the &quot lp&quot user if the file is printed. (CVE-2008-0053) A buffer overflow flaw was discovered in the GIF decoding routines used by CUPS image converting filters &quot imagetops&quot and &quot imagetoraster&quot . An attacker could create a malicious GIF file that could possibly execute arbitrary code as the &quot lp&quot user if the file was printed. (CVE-2008-1373) It was discovered that the patch used to address CVE-2004-0888 in CUPS packages in Red Hat Enterprise Linux 3 and 4 did not completely resolve the integer overflow in the &quot pdftops&quot filter on 64-bit platforms. An attacker could create a malicious PDF file that could possibly execute arbitrary code as the &quot lp&quot user if the file was printed. (CVE-2008-1374) All cups users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

cups on Red Hat Enterprise Linux AS version 3, Red Hat Enterprise Linux ES version 3, Red Hat Enterprise Linux WS version 3, Red Hat Enterprise Linux AS version 4, Red Hat Enterprise Linux ES version 4, Red Hat Enterprise Linux WS version 4

• https://www.redhat.com/archives/rhsa-announce/2008-April/msg00002.html

---

Updated on 2015-03-25