Oval Definition:oval:com.redhat.rhsa:def:20071022
Revision Date:2007-11-07Version:635
Title:RHSA-2007:1022: cups security update (Important)
Description:The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems.

  • Alin Rad Pop discovered several flaws in the handling of PDF files. An attacker could create a malicious PDF file that would cause CUPS to crash or potentially execute arbitrary code when printed. (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393)

  • Alin Rad Pop discovered a flaw in in the way CUPS handles certain IPP tags. A remote attacker who is able to connect to the IPP TCP port could send a malicious request causing the CUPS daemon to crash. (CVE-2007-4351)

  • A flaw was found in the way CUPS handled SSL negotiation. A remote attacker capable of connecting to the CUPS daemon could cause CUPS to crash. (CVE-2007-4045)

    All CUPS users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-4045
    CVE-2007-4351
    CVE-2007-4352
    CVE-2007-5392
    CVE-2007-5393
    RHSA-2007:1022
    RHSA-2007:1022-01
    RHSA-2007:1022-01
    Platform(s):Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • cups is earlier than 1:1.1.22-0.rc1.9.20.2.el4_5.2
  • AND cups is signed with Red Hat redhatrelease2 key
  • cups-devel is earlier than 1:1.1.22-0.rc1.9.20.2.el4_5.2
  • AND cups-devel is signed with Red Hat redhatrelease2 key
  • cups-libs is earlier than 1:1.1.22-0.rc1.9.20.2.el4_5.2
  • AND cups-libs is signed with Red Hat redhatrelease2 key
    • BACK