Red Hat Product Errata RHSA-2010:0755 - Security Advisory

Issued:: 2010-10-07
Updated:: 2010-10-07

RHSA-2010:0755 - Security Advisory

Overview
Updated Packages

Synopsis

Important: cups security update

Type/Severity

Security Advisory: Important

Topic

Updated cups packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.

Description

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems. The CUPS "pdftops" filter converts Portable
Document Format (PDF) files to PostScript.

Multiple flaws were discovered in the CUPS "pdftops" filter. An attacker
could create a malicious PDF file that, when printed, would cause "pdftops"
to crash or, potentially, execute arbitrary code as the "lp" user.
(CVE-2010-3702, CVE-2009-3609)

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing this
update, the cupsd daemon will be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 ia64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc

Fixes

BZ - 526893 - CVE-2009-3609 xpdf/poppler: ImageStream::ImageStream integer overflow
BZ - 595245 - CVE-2010-3702 xpdf: uninitialized Gfx::parser pointer dereference

CVEs

References

http://www.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
ia64
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 769781e84a1d9b760b5740807161337a76554fd22f4affe55ca9194474c4e39c
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 769781e84a1d9b760b5740807161337a76554fd22f4affe55ca9194474c4e39c
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 68b51d6edd4c2e36ecc745990685002eee85cc15a3a2452a024f9689933a2a94
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 68b51d6edd4c2e36ecc745990685002eee85cc15a3a2452a024f9689933a2a94
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: bdd677a768d574111125bee334b717a3148509f932a527871616ba9926c5fdc4
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: bdd677a768d574111125bee334b717a3148509f932a527871616ba9926c5fdc4
i386
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
ia64
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 769781e84a1d9b760b5740807161337a76554fd22f4affe55ca9194474c4e39c
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 769781e84a1d9b760b5740807161337a76554fd22f4affe55ca9194474c4e39c
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 68b51d6edd4c2e36ecc745990685002eee85cc15a3a2452a024f9689933a2a94
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 68b51d6edd4c2e36ecc745990685002eee85cc15a3a2452a024f9689933a2a94
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: bdd677a768d574111125bee334b717a3148509f932a527871616ba9926c5fdc4
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: bdd677a768d574111125bee334b717a3148509f932a527871616ba9926c5fdc4
i386
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17

Red Hat Enterprise Linux Workstation 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
ia64
cups-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 769781e84a1d9b760b5740807161337a76554fd22f4affe55ca9194474c4e39c
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: 68b51d6edd4c2e36ecc745990685002eee85cc15a3a2452a024f9689933a2a94
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ia64.rpm	SHA-256: bdd677a768d574111125bee334b717a3148509f932a527871616ba9926c5fdc4
i386
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17

Red Hat Enterprise Linux Desktop 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
x86_64
cups-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: f8d058ab8917342039b52291257b18097976f35af28df5912cfb67c9f62bc633
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: fed450c3846627bdc2ab8dfb505b20638d618111d70c46116d03ae8ffb0526ab
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.x86_64.rpm	SHA-256: 333112a8ff68822321f0d9f09ced6495e774ba22f6fa1bde09a04a652a18a3c2
i386
cups-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 32e96861cc4e4eb3acabc4a94698a58cccce0a49f774f6197a31ac0c392bd321
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 39c7551684e4f1711b9f4fe154b9904f22366aa13ac695030510fa614700f855
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.i386.rpm	SHA-256: 362d9be56a56675b14326455bd0848d626b85d669faaacb07cd42da38279db17

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
s390x
cups-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: 8b22783e455e285c0e0cffce911e12b87360a856be69007764bc1a58e253332d
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: dde6e3ada2fc3b854b603e12bf53b4b07c0cf1d02e3dfb3746a7bdf3299fe56e
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 627a52f0136fffdf95ecf395e649932fa41d122dbb49b38e5af85bdd20f729f2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: e362055aa04fa96c0e282ae174928578f2b4168a6a0c4280e7afd7fa0870f4a7
s390
cups-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: ff858f147bc8d25cdffd9ad05641dd4c93ff8902098997c272d46b6a41244246
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 3e7e69a614eaba22f89588a76d8c850623241915203100aebedf6ab547cd512c
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 627a52f0136fffdf95ecf395e649932fa41d122dbb49b38e5af85bdd20f729f2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
s390x
cups-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: 8b22783e455e285c0e0cffce911e12b87360a856be69007764bc1a58e253332d
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: dde6e3ada2fc3b854b603e12bf53b4b07c0cf1d02e3dfb3746a7bdf3299fe56e
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 627a52f0136fffdf95ecf395e649932fa41d122dbb49b38e5af85bdd20f729f2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390x.rpm	SHA-256: e362055aa04fa96c0e282ae174928578f2b4168a6a0c4280e7afd7fa0870f4a7
s390
cups-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: ff858f147bc8d25cdffd9ad05641dd4c93ff8902098997c272d46b6a41244246
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 3e7e69a614eaba22f89588a76d8c850623241915203100aebedf6ab547cd512c
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.s390.rpm	SHA-256: 627a52f0136fffdf95ecf395e649932fa41d122dbb49b38e5af85bdd20f729f2

Red Hat Enterprise Linux for Power, big endian 4

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
ppc
cups-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 78e65699709267ec25e3561ee36c3f0b9f2dce5f06d14b1f96bc7b26a42c0de4
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 1c7e5de117db8d82f76222fd77c207fe47be2db43820f2edb6fd7b1fa5deb95a
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 598c835f5c58b664c3564e01f07c9a21b1871cd7f2528af6eb588e4328bd7ba2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc64.rpm	SHA-256: 45445ebf7072cac15e7217f552f07c8030b5946f9b9a92d72211c7363b194d06

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8

SRPM
cups-1.1.22-0.rc1.9.32.el4_8.10.src.rpm	SHA-256: 3332ad0708c57ec329817afb08ca91f56de23fd2fb4f1358fcd2e4f7ccd14caf
ppc
cups-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 78e65699709267ec25e3561ee36c3f0b9f2dce5f06d14b1f96bc7b26a42c0de4
cups-devel-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 1c7e5de117db8d82f76222fd77c207fe47be2db43820f2edb6fd7b1fa5deb95a
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc.rpm	SHA-256: 598c835f5c58b664c3564e01f07c9a21b1871cd7f2528af6eb588e4328bd7ba2
cups-libs-1.1.22-0.rc1.9.32.el4_8.10.ppc64.rpm	SHA-256: 45445ebf7072cac15e7217f552f07c8030b5946f9b9a92d72211c7363b194d06

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Mobile

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories