4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.015 Low
EPSS
Percentile
86.7%
CentOS Errata and Security Advisory CESA-2008:0498
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
An integer overflow flaw leading to a heap buffer overflow was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image converting filters βimagetopsβ and βimagetorasterβ. An attacker could
create a malicious PNG file that could possibly execute arbitrary code as
the βlpβ user if the file was printed. (CVE-2008-1722)
All CUPS users are advised to upgrade to these updated packages, which
contain backported patch to resolve this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-June/077114.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077115.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077116.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077117.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077122.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077123.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077126.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077127.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077170.html
https://lists.centos.org/pipermail/centos-announce/2008-June/077171.html
Affected packages:
cups
cups-devel
cups-libs
cups-lpd
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0498
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | ia64 | cups | <Β 1.1.17-13.3.53 | cups-1.1.17-13.3.53.ia64.rpm |
CentOS | 3 | ia64 | cups-devel | <Β 1.1.17-13.3.53 | cups-devel-1.1.17-13.3.53.ia64.rpm |
CentOS | 3 | ia64 | cups-libs | <Β 1.1.17-13.3.53 | cups-libs-1.1.17-13.3.53.ia64.rpm |
CentOS | 4 | ia64 | cups | <Β 1.1.22-0.rc1.9.20.2.c4.8 | cups-1.1.22-0.rc1.9.20.2.c4.8.ia64.rpm |
CentOS | 4 | ia64 | cups-devel | <Β 1.1.22-0.rc1.9.20.2.c4.8 | cups-devel-1.1.22-0.rc1.9.20.2.c4.8.ia64.rpm |
CentOS | 4 | ia64 | cups-libs | <Β 1.1.22-0.rc1.9.20.2.c4.8 | cups-libs-1.1.22-0.rc1.9.20.2.c4.8.ia64.rpm |
CentOS | 3 | s390 | cups | <Β 1.1.17-13.3.53 | cups-1.1.17-13.3.53.s390.rpm |
CentOS | 3 | s390 | cups-devel | <Β 1.1.17-13.3.53 | cups-devel-1.1.17-13.3.53.s390.rpm |
CentOS | 3 | s390 | cups-libs | <Β 1.1.17-13.3.53 | cups-libs-1.1.17-13.3.53.s390.rpm |
CentOS | 3 | s390x | cups | <Β 1.1.17-13.3.53 | cups-1.1.17-13.3.53.s390x.rpm |