(RHSA-2008:1028) Moderate: cups security update

The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.

An integer overflow flaw, leading to a heap buffer overflow, was discovered
in the Portable Network Graphics (PNG) decoding routines used by the CUPS
image-converting filters, “imagetops” and “imagetoraster”. An attacker
could create a malicious PNG file that could, potentially, execute
arbitrary code as the “lp” user if the file was printed. (CVE-2008-5286)

CUPS users should upgrade to these updated packages, which contain a
backported patch to correct this issue.