Skip to navigation

Security Advisory Important: cups security update

Advisory: RHSA-2009:0429-1
Type: Security Advisory
Severity: Important
Issued on: 2009-04-16
Last updated on: 2009-04-16
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux Long Life (v. 5.3 server)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-0146
CVE-2009-0147
CVE-2009-0163
CVE-2009-0166
CVE-2009-0195
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-1182
CVE-2009-1183

Details

Updated cups packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

The Common UNIX® Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.

Multiple integer overflow flaws were found in the CUPS JBIG2 decoder. An
attacker could create a malicious PDF file that would cause CUPS to crash
or, potentially, execute arbitrary code as the "lp" user if the file was
printed. (CVE-2009-0147, CVE-2009-1179)

Multiple buffer overflow flaws were found in the CUPS JBIG2 decoder. An
attacker could create a malicious PDF file that would cause CUPS to crash
or, potentially, execute arbitrary code as the "lp" user if the file was
printed. (CVE-2009-0146, CVE-2009-1182)

Multiple flaws were found in the CUPS JBIG2 decoder that could lead to the
freeing of arbitrary memory. An attacker could create a malicious PDF file
that would cause CUPS to crash or, potentially, execute arbitrary code
as the "lp" user if the file was printed. (CVE-2009-0166, CVE-2009-1180)

Multiple input validation flaws were found in the CUPS JBIG2 decoder. An
attacker could create a malicious PDF file that would cause CUPS to crash
or, potentially, execute arbitrary code as the "lp" user if the file was
printed. (CVE-2009-0800)

An integer overflow flaw, leading to a heap-based buffer overflow, was
discovered in the Tagged Image File Format (TIFF) decoding routines used by
the CUPS image-converting filters, "imagetops" and "imagetoraster". An
attacker could create a malicious TIFF file that could, potentially,
execute arbitrary code as the "lp" user if the file was printed.
(CVE-2009-0163)

Multiple denial of service flaws were found in the CUPS JBIG2 decoder. An
attacker could create a malicious PDF file that would cause CUPS to crash
when printed. (CVE-2009-0799, CVE-2009-1181, CVE-2009-1183)

Red Hat would like to thank Aaron Sigel, Braden Thomas and Drew Yao of
the Apple Product Security team, and Will Dormann of the CERT/CC for
responsibly reporting these flaws.

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
IA-32:
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 55dee6b36916ca6070999d2fb009a259
 
x86_64:
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-devel-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 7e9a1bddfba9e8b4e29706c47a6ec776
 
Red Hat Desktop (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
Red Hat Enterprise Linux (v. 5 server)
IA-32:
cups-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 29a55a23acdaa238ce91ce5946c98761
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-lpd-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 7607094954ecd6b2fb42f9837be50f1c
 
IA-64:
cups-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHBA-2011:0185		     MD5: e309835af5e4dbe5ae1b0da32e34ce8c
cups-devel-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 210fc85e3e5d969ffc2aee3def1300a1
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHBA-2011:0185		     MD5: be23c141cdf8fd117d9115ca1464bf1e
cups-lpd-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 40227841b0b08c0a9e7e81ec452767ac
 
PPC:
cups-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHBA-2011:0185		     MD5: 7ae15bc7119f69fa08af55fc3bcc42b8
cups-devel-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHBA-2011:0185		     MD5: 9f01da37173cfe087c2fe4d81bd6b314
cups-devel-1.3.7-8.el5_3.4.ppc64.rpm
File outdated by:  RHBA-2011:0185		     MD5: e5d0a3109f9dca98604b7f8cebb730b0
cups-libs-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHBA-2011:0185		     MD5: 5bc7572aad77db87e4df3eedee346551
cups-libs-1.3.7-8.el5_3.4.ppc64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 0b6ff435968f4f49190a8e67b5348890
cups-lpd-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHBA-2011:0185		     MD5: 717d3cf744d49ef44d4c0a630e0f7cc7
 
s390x:
cups-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHBA-2011:0185		     MD5: 8c34f3af28f933e5618289868ca755e0
cups-devel-1.3.7-8.el5_3.4.s390.rpm
File outdated by:  RHBA-2011:0185		     MD5: f454863d9a1c5db0708191c29e0011a3
cups-devel-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHBA-2011:0185		     MD5: 19e28c69127ff8820540e19b9b24e8df
cups-libs-1.3.7-8.el5_3.4.s390.rpm
File outdated by:  RHBA-2011:0185		     MD5: 869968f3ac2921ccbdf8f3a2a3c400d5
cups-libs-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHBA-2011:0185		     MD5: f7445b73ce6fc1434e054a7b83bbd01e
cups-lpd-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHBA-2011:0185		     MD5: 1eecfc1e239c9ab583498e26f5c52db0
 
x86_64:
cups-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 81abd69556d1c93ec2ac503932520b20
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-devel-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 7e9a1bddfba9e8b4e29706c47a6ec776
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 8bcfd3a92e2c609680ef17aa11bab05f
cups-lpd-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 0b9d181aaf56f25b42e228cd8dbc519f
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
IA-64:
cups-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 4de293e968fb552cf5f16ff5f6ae7a76
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: d92f9ac006251ea64045d3eaa9ee9c0c
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c7664eb573bc83bce4b44aacbbc1f1a1
 
PPC:
cups-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm
File outdated by:  RHSA-2010:0755		     MD5: cd1c77aadd47fe50ef199a1dd0ad3e08
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm
File outdated by:  RHSA-2010:0755		     MD5: 44a9d2917c14a399d04d60d4a49945ae
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6529922f83f4cfdf02822bcb458737c8
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ppc64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 11aac78e0d3144b4d1033e83c3528c22
 
s390:
cups-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm
File outdated by:  RHSA-2010:0755		     MD5: 4cc083aea282f18566ebc57c82c692f8
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm
File outdated by:  RHSA-2010:0755		     MD5: 5b06b024b11305381f17eb79e91e1ddc
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1ad96e241bad2285c0d7faf68b097217
 
s390x:
cups-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm
File outdated by:  RHSA-2010:0755		     MD5: e4cc45bcd80fe4f208f0c9fb5b3d6a22
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm
File outdated by:  RHSA-2010:0755		     MD5: 0ed2817ee2b712a254176ea8b259e3d0
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1ad96e241bad2285c0d7faf68b097217
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm
File outdated by:  RHSA-2010:0755		     MD5: 498a3180c4f74e5da601bd8c30887f32
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
IA-64:
cups-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: 4de293e968fb552cf5f16ff5f6ae7a76
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: d92f9ac006251ea64045d3eaa9ee9c0c
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: c7664eb573bc83bce4b44aacbbc1f1a1
 
PPC:
cups-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm     MD5: cd1c77aadd47fe50ef199a1dd0ad3e08
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm     MD5: 44a9d2917c14a399d04d60d4a49945ae
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ppc.rpm     MD5: 6529922f83f4cfdf02822bcb458737c8
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ppc64.rpm     MD5: 11aac78e0d3144b4d1033e83c3528c22
 
s390:
cups-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm     MD5: 4cc083aea282f18566ebc57c82c692f8
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm     MD5: 5b06b024b11305381f17eb79e91e1ddc
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm     MD5: 1ad96e241bad2285c0d7faf68b097217
 
s390x:
cups-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm     MD5: e4cc45bcd80fe4f208f0c9fb5b3d6a22
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm     MD5: 0ed2817ee2b712a254176ea8b259e3d0
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390.rpm     MD5: 1ad96e241bad2285c0d7faf68b097217
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.s390x.rpm     MD5: 498a3180c4f74e5da601bd8c30887f32
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
Red Hat Enterprise Linux Desktop (v. 5 client)
IA-32:
cups-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 29a55a23acdaa238ce91ce5946c98761
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-lpd-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 7607094954ecd6b2fb42f9837be50f1c
 
x86_64:
cups-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 81abd69556d1c93ec2ac503932520b20
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHBA-2011:0185		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 8bcfd3a92e2c609680ef17aa11bab05f
cups-lpd-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHBA-2011:0185		     MD5: 0b9d181aaf56f25b42e228cd8dbc519f
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
IA-64:
cups-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 4de293e968fb552cf5f16ff5f6ae7a76
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: d92f9ac006251ea64045d3eaa9ee9c0c
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c7664eb573bc83bce4b44aacbbc1f1a1
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
IA-64:
cups-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: 4de293e968fb552cf5f16ff5f6ae7a76
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: d92f9ac006251ea64045d3eaa9ee9c0c
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm     MD5: c7664eb573bc83bce4b44aacbbc1f1a1
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
IA-32:
cups-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 29a55a23acdaa238ce91ce5946c98761
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-lpd-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 7607094954ecd6b2fb42f9837be50f1c
 
IA-64:
cups-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: e309835af5e4dbe5ae1b0da32e34ce8c
cups-devel-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 210fc85e3e5d969ffc2aee3def1300a1
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: be23c141cdf8fd117d9115ca1464bf1e
cups-lpd-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 40227841b0b08c0a9e7e81ec452767ac
 
PPC:
cups-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHSA-2009:1082		     MD5: 7ae15bc7119f69fa08af55fc3bcc42b8
cups-devel-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHSA-2009:1082		     MD5: 9f01da37173cfe087c2fe4d81bd6b314
cups-devel-1.3.7-8.el5_3.4.ppc64.rpm
File outdated by:  RHSA-2009:1082		     MD5: e5d0a3109f9dca98604b7f8cebb730b0
cups-libs-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHSA-2009:1082		     MD5: 5bc7572aad77db87e4df3eedee346551
cups-libs-1.3.7-8.el5_3.4.ppc64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 0b6ff435968f4f49190a8e67b5348890
cups-lpd-1.3.7-8.el5_3.4.ppc.rpm
File outdated by:  RHSA-2009:1082		     MD5: 717d3cf744d49ef44d4c0a630e0f7cc7
 
s390x:
cups-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHSA-2009:1082		     MD5: 8c34f3af28f933e5618289868ca755e0
cups-devel-1.3.7-8.el5_3.4.s390.rpm
File outdated by:  RHSA-2009:1082		     MD5: f454863d9a1c5db0708191c29e0011a3
cups-devel-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHSA-2009:1082		     MD5: 19e28c69127ff8820540e19b9b24e8df
cups-libs-1.3.7-8.el5_3.4.s390.rpm
File outdated by:  RHSA-2009:1082		     MD5: 869968f3ac2921ccbdf8f3a2a3c400d5
cups-libs-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHSA-2009:1082		     MD5: f7445b73ce6fc1434e054a7b83bbd01e
cups-lpd-1.3.7-8.el5_3.4.s390x.rpm
File outdated by:  RHSA-2009:1082		     MD5: 1eecfc1e239c9ab583498e26f5c52db0
 
x86_64:
cups-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 81abd69556d1c93ec2ac503932520b20
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-devel-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 7e9a1bddfba9e8b4e29706c47a6ec776
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 8bcfd3a92e2c609680ef17aa11bab05f
cups-lpd-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 0b9d181aaf56f25b42e228cd8dbc519f
 
Red Hat Enterprise Linux Long Life (v. 5.3 server)
IA-32:
cups-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 29a55a23acdaa238ce91ce5946c98761
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-lpd-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 7607094954ecd6b2fb42f9837be50f1c
 
IA-64:
cups-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: e309835af5e4dbe5ae1b0da32e34ce8c
cups-devel-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 210fc85e3e5d969ffc2aee3def1300a1
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: be23c141cdf8fd117d9115ca1464bf1e
cups-lpd-1.3.7-8.el5_3.4.ia64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 40227841b0b08c0a9e7e81ec452767ac
 
x86_64:
cups-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 81abd69556d1c93ec2ac503932520b20
cups-devel-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 55dee6b36916ca6070999d2fb009a259
cups-devel-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 7e9a1bddfba9e8b4e29706c47a6ec776
cups-libs-1.3.7-8.el5_3.4.i386.rpm
File outdated by:  RHSA-2009:1082		     MD5: 926880421066e9cf04bda58696c3d5b7
cups-libs-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 8bcfd3a92e2c609680ef17aa11bab05f
cups-lpd-1.3.7-8.el5_3.4.x86_64.rpm
File outdated by:  RHSA-2009:1082		     MD5: 0b9d181aaf56f25b42e228cd8dbc519f
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
cups-1.1.22-0.rc1.9.27.el4_7.5.src.rpm
File outdated by:  RHSA-2010:0755		     MD5: 65e537ee66fdc75fdc5b5c107a59103f
 
IA-32:
cups-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 8a93182d74712d3424223c94364e3898
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 64cccbb589087cc695b4a478c8104766
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
 
IA-64:
cups-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 4de293e968fb552cf5f16ff5f6ae7a76
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: d92f9ac006251ea64045d3eaa9ee9c0c
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.ia64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c7664eb573bc83bce4b44aacbbc1f1a1
 
x86_64:
cups-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 78150066ea7a7bbd595ecdaf989f13b1
cups-devel-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: 1218006e170e9a8fec63975379f02da6
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.i386.rpm
File outdated by:  RHSA-2010:0755		     MD5: 6a8f8561a17f5c37f93028cec4b05c7d
cups-libs-1.1.22-0.rc1.9.27.el4_7.5.x86_64.rpm
File outdated by:  RHSA-2010:0755		     MD5: c9aa8b3aca745c1e045d1245a90bdacd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

490596 - CVE-2009-0163 cups: Integer overflow in the TIFF image filter
490612 - CVE-2009-0146 xpdf: Multiple buffer overflows in JBIG2 decoder (setBitmap, readSymbolDictSeg)
490614 - CVE-2009-0147 xpdf: Multiple integer overflows in JBIG2 decoder
490625 - CVE-2009-0166 xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder
491864 - Multiple PDF flaws
495886 - CVE-2009-0799 PDF JBIG2 decoder OOB read
495887 - CVE-2009-0800 PDF JBIG2 multiple input validation flaws
495889 - CVE-2009-1179 PDF JBIG2 integer overflow
495892 - CVE-2009-1180 PDF JBIG2 invalid free()
495894 - CVE-2009-1181 PDF JBIG2 NULL dereference
495896 - CVE-2009-1182 PDF JBIG2 MMR decoder buffer overflows
495899 - CVE-2009-1183 PDF JBIG2 MMR infinite loop DoS


References

https://www.redhat.com/security/data/cve/CVE-2009-0146.html
https://www.redhat.com/security/data/cve/CVE-2009-0147.html
https://www.redhat.com/security/data/cve/CVE-2009-0163.html
https://www.redhat.com/security/data/cve/CVE-2009-0166.html
https://www.redhat.com/security/data/cve/CVE-2009-0195.html
https://www.redhat.com/security/data/cve/CVE-2009-0799.html
https://www.redhat.com/security/data/cve/CVE-2009-0800.html
https://www.redhat.com/security/data/cve/CVE-2009-1179.html
https://www.redhat.com/security/data/cve/CVE-2009-1180.html
https://www.redhat.com/security/data/cve/CVE-2009-1181.html
https://www.redhat.com/security/data/cve/CVE-2009-1182.html
https://www.redhat.com/security/data/cve/CVE-2009-1183.html
http://www.redhat.com/security/updates/classification/#important

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/