Description of problem: CUPS contains a copy of the xpdf source code for use in pdftops filter. xpdf code has high amount of security problems reported and fixed in the past, all requiring CUPS update as well. CUPS packages in Fedora were recently changed to use a thin wrapper around pdftops provided by poppler-utils instead. If the same change can be done in RHEL5, we can avoid future CUPS updates for xpdf code fixes, fixing problems in poppler will be sufficient.
Tim, are you aware of reasons why we may not want to do this? Regression risk, worse control from the CUPS side, too old or too new version of poppler in EL5, or something else? TY!
It's just regression risk as far as I'm aware. Haven't yet investigated poppler version issues but that might also impact on it.
API used is the command line, and all used options are present in the RHEL-5 poppler-utils package. Regression risk seems to be small as the poppler and CUPS pdftops code bases share heritage. Proposing for RHEL-5.5 as it would fix approved bug #447987 as a side-effect.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2010-0210.html