The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.
An integer overflow flaw, leading to a heap buffer overflow, was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image-converting filters, “imagetops” and “imagetoraster”. An attacker
could create a malicious PNG file that could, potentially, execute
arbitrary code as the “lp” user if the file was printed. (CVE-2008-5286)
CUPS users should upgrade to these updated packages, which contain a
backported patch to correct this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc64 | cups-libs | < 1.1.17-13.3.55 | cups-libs-1.1.17-13.3.55.ppc64.rpm |
RedHat | any | ppc | cups-devel | < 1.1.17-13.3.55 | cups-devel-1.1.17-13.3.55.ppc.rpm |
RedHat | any | ppc | cups-libs | < 1.1.17-13.3.55 | cups-libs-1.1.17-13.3.55.ppc.rpm |
RedHat | any | ppc | cups | < 1.1.17-13.3.55 | cups-1.1.17-13.3.55.ppc.rpm |