CUPS update closes security holes
Version 1.3.10 of the CUPS printer service closes three security weaknesses in addition to fixing a large number of bugs. With some processing of TIFF and PNG images it is possible to cause a buffer overflow. According to the bug reportThe TIFF overflow, at least, can be exploited with manipulated image files.
The other security fix in the release protects the print service from DNS rebinding attacks. This was resolved by adding extra HTTP header validation. Linux distributions are already distributing updated packages of the Apple developed software.