cups security update

2006-01-11T22:26:57
ID CESA-2006:0163
Type centos
Reporter CentOS Project
Modified 2006-01-12T13:18:24

Description

CentOS Errata and Security Advisory CESA-2006:0163

The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems.

Chris Evans discovered several flaws in the way CUPS processes PDF files. An attacker could construct a carefully crafted PDF file that could cause CUPS to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, and CVE-2005-3627 to these issues.

All users of CUPS should upgrade to these updated packages, which contain backported patches to resolve these issues.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2006-January/012557.html http://lists.centos.org/pipermail/centos-announce/2006-January/012558.html http://lists.centos.org/pipermail/centos-announce/2006-January/012559.html http://lists.centos.org/pipermail/centos-announce/2006-January/012561.html http://lists.centos.org/pipermail/centos-announce/2006-January/012562.html http://lists.centos.org/pipermail/centos-announce/2006-January/012563.html http://lists.centos.org/pipermail/centos-announce/2006-January/012564.html http://lists.centos.org/pipermail/centos-announce/2006-January/012571.html http://lists.centos.org/pipermail/centos-announce/2006-January/012572.html

Affected packages: cups cups-devel cups-libs

Upstream details at: https://rhn.redhat.com/errata/RHSA-2006-0163.html