The Common UNIX® Printing System (CUPS) provides a portable printing layerfor UNIX operating systems. The Internet Printing Protocol (IPP) allowsusers to print and manage printing-related tasks over a network. A NULL pointer dereference flaw was found in the CUPS IPP routine, used forprocessing incoming IPP requests for the CUPS scheduler. An attacker coulduse this flaw to send specially-crafted IPP requests that would crash thecupsd daemon. (CVE-2009-0949)Red Hat would like to thank Anibal Sacco from Core Security Technologiesfor reporting this issue.Users of cups are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue. After installing thisupdate, the cupsd daemon will be restarted automatically.