Description of problem:
http://www.idefense.com/advisory/12.23.02.txt describes how to attack
pdftops filter used, among other things, by CUPS. That advisory is
specifically for a version of xpdf currently in rawhide but it mentions
that it applies to all earlier versions as well. It also includes a
reference to a patch (although 'indexHighA != indexHighA && 0xff' test
would be likely marginally simpler).
known issue, erratum for CUPS and Xpdf packages is in progress
CUPS was released some time ago, xpdf updates were completed last week.