Red Hat Product Errata RHSA-2009:1513 - Security Advisory
Issued:
2009-10-15
Updated:
2009-10-15

RHSA-2009:1513 - Security Advisory

Synopsis

Moderate: cups security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated cups packages that fix two security issues are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS "pdftops" filter converts Portable
Document Format (PDF) files to PostScript.

Two integer overflow flaws were found in the CUPS "pdftops" filter. An
attacker could create a malicious PDF file that would cause "pdftops" to
crash or, potentially, execute arbitrary code as the "lp" user if the file
was printed. (CVE-2009-3608, CVE-2009-3609)

Red Hat would like to thank Chris Rohlf for reporting the CVE-2009-3608
issue.

Users of cups are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 526637 - CVE-2009-3608 xpdf/poppler: integer overflow in ObjectStream::ObjectStream (oCERT-2009-016)
  • BZ - 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow

Red Hat Enterprise Linux Server 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
ia64
cups-1.3.7-11.el5_4.3.ia64.rpm SHA-256: efd0b3b1affc02213b801e67aeea881de83809d44da3759db977626f462a95e8
cups-devel-1.3.7-11.el5_4.3.ia64.rpm SHA-256: 234119cd9c931a314c5ad46f5037574ad0e804498e651fe96c386839a87c2b38
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.ia64.rpm SHA-256: d85fab3cfaadd23600084640ab04b2ca6c3b900635fa31167b187c3fda13c328
cups-lpd-1.3.7-11.el5_4.3.ia64.rpm SHA-256: 3ea565c2c789065cc368000b2fd8d6f354c1fecf960756921748ae61fe5a6f94
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux Desktop 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
s390x
cups-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 52c86ac0e3d66c1b302b63b50c27c5bf587b167c7edb3e6a0a424a3046b0429b
cups-devel-1.3.7-11.el5_4.3.s390.rpm SHA-256: 25e05efc7e135ed4971eaa1047990292709b6e9330bf3ef1a818d30bc0b1e687
cups-devel-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 80ddd6a43840a07a4d4601fa676ba2ae63a2a7dfa85edd33ed405171a2857a6c
cups-libs-1.3.7-11.el5_4.3.s390.rpm SHA-256: 360e268fbbe949c1ccbeb2bd353c1bf1babd4fdcf891d2b17fb1831662e201c7
cups-libs-1.3.7-11.el5_4.3.s390x.rpm SHA-256: ae9c6d59d1b894202a8eb2f99d35d6892a75d15bf237ba18c31dd559b63b1332
cups-lpd-1.3.7-11.el5_4.3.s390x.rpm SHA-256: 7e137dc82d4b626f38eafba27a64b05f7121d4bf71768427bec1731a62ddb75a

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
ppc
cups-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 4d51f531e0ae22e024afde24de1b6df2f40eccf1ab03e245ace1632c70c184db
cups-devel-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 7ebb3b6126cbfd5d624fac8e120c2aca3b0549b3ebacce8953e58b4fb4669cea
cups-devel-1.3.7-11.el5_4.3.ppc64.rpm SHA-256: b560b6bbc2615a6b6246869065ca499c79d5f50b1835f00e3d1eee1c28ef1071
cups-libs-1.3.7-11.el5_4.3.ppc.rpm SHA-256: 682d0508b138316897c8586f20af43be5154d2cf1d34d2ce115abf35f9f844a5
cups-libs-1.3.7-11.el5_4.3.ppc64.rpm SHA-256: bd2c155beceb5bfab644dc6cde87252af9dac9a16f0079ec08974fe2ba9ab4f2
cups-lpd-1.3.7-11.el5_4.3.ppc.rpm SHA-256: dcabef1f0637546f6b3cbd41d82d6592392495fae8f84ef200b01fbbbdda4545

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
cups-1.3.7-11.el5_4.3.src.rpm SHA-256: 3a495c12ce99f94d7266233462386f7fa16e30f58f34dfac7307cac9e958e840
x86_64
cups-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: a6e441de589c298ed93f58b713d550eacb37893b7905ba56d4e619fedd591089
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-devel-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: dfba562084fd2d533e7fbbc6c87bfc3f77caa92ce9f55527cffd673db269d52a
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-libs-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 178ea7ff8e59b0bf8c01284d75dbadb22067c398de35de2b49981857581f83b0
cups-lpd-1.3.7-11.el5_4.3.x86_64.rpm SHA-256: 29ca7f97dbc1e5ef3e53f4df0036d6cbf9a0883322e3a7815bd8b9d11fc56582
i386
cups-1.3.7-11.el5_4.3.i386.rpm SHA-256: 50bb7ffb9c6968c8cc9ad6daf2d0c7fb31e76143d57e4b1aef2f7e4c10b80bbb
cups-devel-1.3.7-11.el5_4.3.i386.rpm SHA-256: 6a0492d5d1ddb1f0706083b101c8390f07617d1794a4084dd36fb5dc8e28a8bd
cups-libs-1.3.7-11.el5_4.3.i386.rpm SHA-256: 4420dab0be5f1b29a4dc5003cc9cd325586832cfdc4631e58f1db3b8a1397e71
cups-lpd-1.3.7-11.el5_4.3.i386.rpm SHA-256: f7275fe31f98e0b0f79e65aec7acbb55bc4f97bee607e76092ca853befba041e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.