CUPS: Buffer overflow — GLSA 201607-06

A buffer overflow in CUPS might allow remote attackers to execute arbitrary code.

Affected packages

Package 	net-print/cups on all architectures
Affected versions 	< 2.0.2-r1
Unaffected versions 	>= 2.0.2-r1

Background

CUPS, the Common Unix Printing System, is a full-featured print server.

Description

A vulnerability has been discovered in CUPS concerning the handling of compressed raster files.

Impact

A remote attacker could possibly execute arbitrary code with the privileges of the process.

Workaround

There is no known workaround at this time.

Resolution

All CUPS users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-print/cups-2.0.2-r1"
 

References

    CVE-2014-9679