Nom du paquet
cups
Date
2009-10-19
Advisory ID
MDVSA-2009:280
Affected versions
2009.1 i586 , 2009.1 x86_64

Problem description

Two integer overflow flaws were found in the CUPS pdftops filter. An
attacker could create a malicious PDF file that would cause pdftops
to crash or, potentially, execute arbitrary code as the lp user if
the file was printed. (CVE-2009-3608, CVE-2009-3609)

This update corrects the problem.

Updated packages

2009.1 i586

 fc982949e4efbdc4d07299c0252e237e  2009.1/i586/libpoppler4-0.10.6-1.1mdv2009.1.i586.rpm
 001ea99f5b04ce5972258e0c126c0840  2009.1/i586/libpoppler-devel-0.10.6-1.1mdv2009.1.i586.rpm
 6655e2a398603bed301e29c950affb9a  2009.1/i586/libpoppler-glib4-0.10.6-1.1mdv2009.1.i586.rpm
 df9102ac3bc8a3757937d52e3d816fb4  2009.1/i586/libpoppler-glib-devel-0.10.6-1.1mdv2009.1.i586.rpm
 fdd43dbc9695d73b3200d3cbeb513832  2009.1/i586/libpoppler-qt2-0.10.6-1.1mdv2009.1.i586.rpm
 8cb4b6627f8ff0ee2a63f3c2261db0e6  2009.1/i586/libpoppler-qt4-3-0.10.6-1.1mdv2009.1.i586.rpm
 943b2cf6b3f7ad1bea7fc546066f7ea0  2009.1/i586/libpoppler-qt4-devel-0.10.6-1.1mdv2009.1.i586.rpm
 7f889fbe88383f47cad059ec09e2a724  2009.1/i586/libpoppler-qt-devel-0.10.6-1.1mdv2009.1.i586.rpm
 a78e201e1fde5b2d51f4b2cd8a2e270a  2009.1/i586/poppler-0.10.6-1.1mdv2009.1.i586.rpm 
 ddb2f4eb47458afb256ea5c6b69bb080  2009.1/SRPMS/poppler-0.10.6-1.1mdv2009.1.src.rpm

2009.1 x86_64

 9b2bf497c17002887c24fbaf6b818e86  2009.1/x86_64/lib64poppler4-0.10.6-1.1mdv2009.1.x86_64.rpm
 0c94382f60421051fcc4bc6ca8506f68  2009.1/x86_64/lib64poppler-devel-0.10.6-1.1mdv2009.1.x86_64.rpm
 b5b19fbe40c5ac3fda2d8ac83ae0e738  2009.1/x86_64/lib64poppler-glib4-0.10.6-1.1mdv2009.1.x86_64.rpm
 e664052f55584be3a2c2bdf7d354ba63  2009.1/x86_64/lib64poppler-glib-devel-0.10.6-1.1mdv2009.1.x86_64.rpm
 26932a9a1bc51dce7814842be123b525  2009.1/x86_64/lib64poppler-qt2-0.10.6-1.1mdv2009.1.x86_64.rpm
 1965538d7207c5a69de5262d98d789af  2009.1/x86_64/lib64poppler-qt4-3-0.10.6-1.1mdv2009.1.x86_64.rpm
 061020fd93395ef5efc73c2fcd008ac5  2009.1/x86_64/lib64poppler-qt4-devel-0.10.6-1.1mdv2009.1.x86_64.rpm
 306ea93b6f6bda6555f7f1a613fb2561  2009.1/x86_64/lib64poppler-qt-devel-0.10.6-1.1mdv2009.1.x86_64.rpm
 f444021e96771b97c162b4482d10385b  2009.1/x86_64/poppler-0.10.6-1.1mdv2009.1.x86_64.rpm 
 ddb2f4eb47458afb256ea5c6b69bb080  2009.1/SRPMS/poppler-0.10.6-1.1mdv2009.1.src.rpm

References