cups security update

CentOS Errata and Security Advisory CESA-2009:1082

The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The Internet Printing Protocol (IPP) allows
users to print and manage printing-related tasks over a network.

A NULL pointer dereference flaw was found in the CUPS IPP routine, used for
processing incoming IPP requests for the CUPS scheduler. An attacker could
use this flaw to send specially-crafted IPP requests that would crash the
cupsd daemon. (CVE-2009-0949)

Red Hat would like to thank Anibal Sacco from Core Security Technologies
for reporting this issue.

Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the cupsd daemon will be restarted automatically.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2009-June/078125.html
https://lists.centos.org/pipermail/centos-announce/2009-June/078126.html

Affected packages:
cups
cups-devel
cups-libs
cups-lpd

Upstream details at:
https://access.redhat.com/errata/RHSA-2009:1082