What Are You Looking For?

Sign Up
Date:         Wed, 11 Nov 2009 15:42:12 -0600
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: cups on SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: cups security update
Issue date:	2009-10-15
CVE Names:	CVE-2009-3608 CVE-2009-3609

Two integer overflow flaws were found in the CUPS "pdftops" filter. An
attacker could create a malicious PDF file that would cause "pdftops" to
crash or, potentially, execute arbitrary code as the "lp" user if the 
file was printed. (CVE-2009-3608, CVE-2009-3609)

After installing the update, the cupsd daemon will be restarted 
automatically.

Note: Some older versions of SL 5 needed a newer version of rpm for this 
update.  The SL 5.4 version of rpm and popt is included with this update.

Note: This update is already in SL 5.4

SL 5.x

     SRPMS:
cups-1.3.7-11.el5_4.3.src.rpm
     i386:
cups-1.3.7-11.el5_4.3.i386.rpm
cups-devel-1.3.7-11.el5_4.3.i386.rpm
cups-libs-1.3.7-11.el5_4.3.i386.rpm
cups-lpd-1.3.7-11.el5_4.3.i386.rpm
popt-1.10.2.3-18.el5.i386.rpm
rpm-4.4.2.3-18.el5.i386.rpm
rpm-apidocs-4.4.2.3-18.el5.i386.rpm
rpm-build-4.4.2.3-18.el5.i386.rpm
rpm-devel-4.4.2.3-18.el5.i386.rpm
rpm-libs-4.4.2.3-18.el5.i386.rpm
rpm-python-4.4.2.3-18.el5.i386.rpm
     x86_64:
cups-1.3.7-11.el5_4.3.x86_64.rpm
cups-devel-1.3.7-11.el5_4.3.i386.rpm
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm
cups-libs-1.3.7-11.el5_4.3.i386.rpm
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm
popt-1.10.2.3-18.el5.i386.rpm
popt-1.10.2.3-18.el5.x86_64.rpm
rpm-4.4.2.3-18.el5.x86_64.rpm
rpm-apidocs-4.4.2.3-18.el5.x86_64.rpm
rpm-build-4.4.2.3-18.el5.x86_64.rpm
rpm-devel-4.4.2.3-18.el5.i386.rpm
rpm-devel-4.4.2.3-18.el5.x86_64.rpm
rpm-libs-4.4.2.3-18.el5.i386.rpm
rpm-libs-4.4.2.3-18.el5.x86_64.rpm
rpm-python-4.4.2.3-18.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2009-3608 Moderate: cups SL5.x i386/x86_64

Moderate: cups security update

Summary

Date:         Wed, 11 Nov 2009 15:42:12 -0600Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA Moderate: cups on SL5.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov"          Synopsis:	Moderate: cups security updateIssue date:	2009-10-15CVE Names:	CVE-2009-3608 CVE-2009-3609Two integer overflow flaws were found in the CUPS "pdftops" filter. Anattacker could create a malicious PDF file that would cause "pdftops" tocrash or, potentially, execute arbitrary code as the "lp" user if the file was printed. (CVE-2009-3608, CVE-2009-3609)After installing the update, the cupsd daemon will be restarted automatically.Note: Some older versions of SL 5 needed a newer version of rpm for this update.  The SL 5.4 version of rpm and popt is included with this update.Note: This update is already in SL 5.4SL 5.x     SRPMS:cups-1.3.7-11.el5_4.3.src.rpm     i386:cups-1.3.7-11.el5_4.3.i386.rpmcups-devel-1.3.7-11.el5_4.3.i386.rpmcups-libs-1.3.7-11.el5_4.3.i386.rpmcups-lpd-1.3.7-11.el5_4.3.i386.rpmpopt-1.10.2.3-18.el5.i386.rpmrpm-4.4.2.3-18.el5.i386.rpmrpm-apidocs-4.4.2.3-18.el5.i386.rpmrpm-build-4.4.2.3-18.el5.i386.rpmrpm-devel-4.4.2.3-18.el5.i386.rpmrpm-libs-4.4.2.3-18.el5.i386.rpmrpm-python-4.4.2.3-18.el5.i386.rpm     x86_64:cups-1.3.7-11.el5_4.3.x86_64.rpmcups-devel-1.3.7-11.el5_4.3.i386.rpmcups-devel-1.3.7-11.el5_4.3.x86_64.rpmcups-libs-1.3.7-11.el5_4.3.i386.rpmcups-libs-1.3.7-11.el5_4.3.x86_64.rpmcups-lpd-1.3.7-11.el5_4.3.x86_64.rpmpopt-1.10.2.3-18.el5.i386.rpmpopt-1.10.2.3-18.el5.x86_64.rpmrpm-4.4.2.3-18.el5.x86_64.rpmrpm-apidocs-4.4.2.3-18.el5.x86_64.rpmrpm-build-4.4.2.3-18.el5.x86_64.rpmrpm-devel-4.4.2.3-18.el5.i386.rpmrpm-devel-4.4.2.3-18.el5.x86_64.rpmrpm-libs-4.4.2.3-18.el5.i386.rpmrpm-libs-4.4.2.3-18.el5.x86_64.rpmrpm-python-4.4.2.3-18.el5.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

Security Highlights from KubeCon + CloudNativeCon 2023

Nov 18, 2023

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

News

Advisories

HOWTOs

Features

Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap
CISA Issues Urgent Warning Over Active Exploitation of Looney Tunables glibc Bug

About Us

Powered By

Footer Logo