From Secunia security advisor at $URL:
The vulnerability is caused due to a boundary error within the "gif_read_lzw()" function (filter/image-gif.c) and can be exploited to cause a heap-based buffer overflow via specially crafted GIF images.
The vulnerability is confirmed in version 1.4.6. Prior versions may also be affected.
Update to version 1.4.7.
The vulnerability is confirmed in version 1.4.8. Other versions may also be affected.
Fixed in the SVN repository.
*cups-1.5.0-r1 (25 Aug 2011)
*cups-1.4.8-r21 (25 Aug 2011)
*cups-1.4.8-r1 (25 Aug 2011)
25 Aug 2011; Timo Gurr <firstname.lastname@example.org> -cups-1.4.6-r21.ebuild,
-cups-1.4.8.ebuild, +cups-1.4.8-r1.ebuild, +cups-1.4.8-r21.ebuild,
Revbumps fixing security issue CVE-2011-2896. Remove old.
Note: CVE-2011-2896, although talking about cups, refers to SECUNIA:45621 (which is imho exactly the same issue for gimp).
net-print/cups-1.4.8-r1 stablerequest filed
*** Bug 380825 has been marked as a duplicate of this bug. ***
This particular patch is CVE-2011-3170.
The -2896 patch was not sufficient to fix the issue in cups, thus this patch was needed. Please fix the naming in CVS. After that, we'll call arches in *this* bug, as usual.
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc x86"
Multiple compile test ok. No hw to test. amd64 ok
Archtested 1.4.8-r1 on amd64 (printing over wifi, administration interface, queues, jobs etc). All ok.
+ 28 Aug 2011; Tony Vroon <email@example.com> cups-1.4.8-r1.ebuild:
+ Marked stable on AMD64 based on arch testing by Agostino "ago" Sarubbo &
+ Tomáš "Mepho" Pružina in security bug #380771.
Stable for HPPA.
Thanks, everyone. Added to existing GLSA request.
No vulnerable version in the tree anymore.
This issue was resolved and addressed in
GLSA 201207-10 at http://security.gentoo.org/glsa/glsa-201207-10.xml
by GLSA coordinator Sean Amoss (ackle).