Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 5 Jun 2008 15:15:44 -0500 Reply-To: Troy DawsonSender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for cups on SL3.x, SL4.x, SL5.x i386/x86_64 Comments: To: " This email address is being protected from spambots. You need JavaScript enabled to view it. "Synopsis: Moderate: cups security update Issue date: 2008-06-04 CVE Names: CVE-2008-1722 An integer overflow flaw leading to a heap buffer overflow was discovered in the Portable Network Graphics (PNG) decoding routines used by the CUPS image converting filters "imagetops" and "imagetoraster". An attacker could create a malicious PNG file that could possibly execute arbitrary code as the "lp" user if the file was printed. (CVE-2008-1722) SL 3.0.x SRPMS: cups-1.1.17-13.3.53.src.rpm i386: cups-1.1.17-13.3.53.i386.rpm cups-devel-1.1.17-13.3.53.i386.rpm cups-libs-1.1.17-13.3.53.i386.rpm x86_64: cups-1.1.17-13.3.53.x86_64.rpm cups-devel-1.1.17-13.3.53.x86_64.rpm cups-libs-1.1.17-13.3.53.i386.rpm cups-libs-1.1.17-13.3.53.x86_64.rpm SL 4.x SRPMS: cups-1.1.22-0.rc1.9.20.2.el4_6.8.src.rpm i386: cups-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-devel-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm x86_64: cups-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm cups-devel-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.i386.rpm cups-libs-1.1.22-0.rc1.9.20.2.el4_6.8.x86_64.rpm SL 5.x SRPMS: cups-1.2.4-11.18.el5_2.1.src.rpm i386: cups-1.2.4-11.18.el5_2.1.i386.rpm cups-devel-1.2.4-11.18.el5_2.1.i386.rpm cups-libs-1.2.4-11.18.el5_2.1.i386.rpm cups-lpd-1.2.4-11.18.el5_2.1.i386.rpm x86_64: cups-1.2.4-11.18.el5_2.1.x86_64.rpm cups-devel-1.2.4-11.18.el5_2.1.i386.rpm cups-devel-1.2.4-11.18.el5_2.1.x86_64.rpm cups-libs-1.2.4-11.18.el5_2.1.i386.rpm cups-libs-1.2.4-11.18.el5_2.1.x86_64.rpm cups-lpd-1.2.4-11.18.el5_2.1.x86_64.rpm -Connie Sieh -Troy Dawson