CUPS includes xpdf code and therefore might be vulnerable to CAN-2004-1125.
Please see bug 75191 for details and the patch.
This should probably be fixed together with bug 74479.
sorry for the delay, cups-1.1.23_rc1 fixes that
Stable and glsa handled through bug 74479
*** This bug has been marked as a duplicate of 74479 ***