CVE-2008-5377 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5377): pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
"Affected script is not part of the upstream CUPS distribution" - We also do not ship it as an additional optional filter with CUPS, so our CUPS version(s) are not affected by this issue.
Does not affect us, we only have a pdftops filter and that was fixed per bug 201042.