(RHSA-2008:0157) Important: cups security update

2008-02-21T05:00:00
ID RHSA-2008:0157
Type redhat
Reporter RedHat
Modified 2017-09-08T11:55:15

Description

The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. The Internet Printing Protocol (IPP) is a standard network protocol for remote printing, as well as managing print jobs.

A flaw was found in the way CUPS handles the addition and removal of remote shared printers via IPP. A remote attacker could send malicious UDP IPP packets causing the CUPS daemon to crash. (CVE-2008-0882)

Note: the default configuration of CUPS on Red Hat Enterprise Linux 5 will only accept requests of this type from the local subnet. This issue did not affect the versions of CUPS as shipped with Red Hat Enterprise Linux 3 or 4.

All cups users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.