SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionTwo integer overflow flaws were found in the CUPS 'pdftops' filter. An attacker could create a malicious PDF file that would cause 'pdftops' to crash or, potentially, execute arbitrary code as the 'lp' user if the file was printed. (CVE-2009-3608, CVE-2009-3609)
After installing the update, the cupsd daemon will be restarted automatically.
Note: Some older versions of SL 5 needed a newer version of rpm for this update. The SL 5.4 version of rpm and popt is included with this update.
Note: This update is already in SL 5.4
SolutionUpdate the affected packages.