CentOS Errata and Security Advisory CESA-2010:0754
The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS “pdftops” filter converts Portable
Document Format (PDF) files to PostScript.
An uninitialized pointer use flaw was discovered in the CUPS “pdftops”
filter. An attacker could create a malicious PDF file that, when printed,
would cause “pdftops” to crash or, potentially, execute arbitrary code as
the “lp” user. (CVE-2010-3702)
Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing this
update, the cupsd daemon will be restarted automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-October/079205.html
https://lists.centos.org/pipermail/centos-announce/2010-October/079206.html
Affected packages:
cups
cups-devel
cups-libs
Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0754
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | i386 | cups | < 1.1.17-13.3.70 | cups-1.1.17-13.3.70.i386.rpm |
CentOS | 3 | i386 | cups-devel | < 1.1.17-13.3.70 | cups-devel-1.1.17-13.3.70.i386.rpm |
CentOS | 3 | i386 | cups-libs | < 1.1.17-13.3.70 | cups-libs-1.1.17-13.3.70.i386.rpm |
CentOS | 3 | x86_64 | cups | < 1.1.17-13.3.70 | cups-1.1.17-13.3.70.x86_64.rpm |
CentOS | 3 | x86_64 | cups-devel | < 1.1.17-13.3.70 | cups-devel-1.1.17-13.3.70.x86_64.rpm |
CentOS | 3 | i386 | cups-libs | < 1.1.17-13.3.70 | cups-libs-1.1.17-13.3.70.i386.rpm |
CentOS | 3 | x86_64 | cups-libs | < 1.1.17-13.3.70 | cups-libs-1.1.17-13.3.70.x86_64.rpm |