-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 20 Feb 2025 21:59:03 +0100 Source: dcmtk Binary: dcmtk dcmtk-dbgsym libdcmtk-dev libdcmtk17 libdcmtk17-dbgsym Architecture: i386 Version: 3.6.7-9~deb12u3 Distribution: bookworm Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Étienne Mollier Description: dcmtk - OFFIS DICOM toolkit command line utilities libdcmtk-dev - OFFIS DICOM toolkit development libraries and headers libdcmtk17 - OFFIS DICOM toolkit runtime libraries Closes: 1070207 1098373 1098374 Changes: dcmtk (3.6.7-9~deb12u3) bookworm; urgency=medium . * Team upload. * Introduce patch series to fix CVE-2024-28130. This change introduces the patches: * 0001-Fixed-unchecked-typecasts-of-DcmItem-search-results.patch * 0002-Fixed-unchecked-typecasts-and-fixed-LUT-handling.patch * 0003-Fixed-wrong-error-handling-previous-commit.patch mapping to upstream commits: * dc6a2446dc03c9db90f82ce17a597f2cd53776c5 * 601b227eecaab33a3a3a11dc256d84b1a62f63af * 7d54f8efec995e5601d089fa17b0625c2b41af23 with the nuance that upstream check functions are inlined, in order to avoid an ABI breakage. Thanks to Adrian Bunk (Closes: #1070207) * 0009-CVE-2025-25475.patch: new: fix CVE-2025-25475. (Closes: #1098373) * 0010-CVE-2025-25474.patch: new: fix CVE-2025-25474. (Closes: #1098374) * 0011-CVE-2025-25472.patch: new: fix CVE-2025-25472. Checksums-Sha1: e76c892e8c46d2aefff1622b466f754ac2f19fb8 5204972 dcmtk-dbgsym_3.6.7-9~deb12u3_i386.deb 378c0188c88162b395be7517a4470fea16a04b1a 9008 dcmtk_3.6.7-9~deb12u3_i386-buildd.buildinfo af14416d8082a22ba87ac012a9ae124e3d8af05c 901212 dcmtk_3.6.7-9~deb12u3_i386.deb c115cc89a70c98cfe8e7e1c7524f9d2980234322 1013164 libdcmtk-dev_3.6.7-9~deb12u3_i386.deb 5c1a7751f3b928a9cdb79c25a131a4fc19f2c17a 62335052 libdcmtk17-dbgsym_3.6.7-9~deb12u3_i386.deb 7775c7376d67b030bfb31c559af5fa1701a62ad4 5355256 libdcmtk17_3.6.7-9~deb12u3_i386.deb Checksums-Sha256: b64c1cdc4588a362f0e497b20eeb4126894c7f90f2ae026dad1e6843ce8bd0a8 5204972 dcmtk-dbgsym_3.6.7-9~deb12u3_i386.deb 5f327f215713206e846bfb496de6be880af7af5bd46fa02b7981f9e466a47694 9008 dcmtk_3.6.7-9~deb12u3_i386-buildd.buildinfo c4e350cdfc2fd2403db25db19f3e5bd02ccc157022b01555f938dce5635bd8ba 901212 dcmtk_3.6.7-9~deb12u3_i386.deb b05d6eace419198c5c5c8a893808a5256c265723001b093774a6e84d57e2fa94 1013164 libdcmtk-dev_3.6.7-9~deb12u3_i386.deb b437f477068889ae86bc3f13a1463ef060828525876287762743534271625ae5 62335052 libdcmtk17-dbgsym_3.6.7-9~deb12u3_i386.deb 8550bb1dbe746765d8296d36ceb468d6ce516966f6f5ef62dd0eed63fccb38d7 5355256 libdcmtk17_3.6.7-9~deb12u3_i386.deb Files: eb80857ef0f74f87b12a398d97c948e1 5204972 debug optional dcmtk-dbgsym_3.6.7-9~deb12u3_i386.deb 013e13ae40f9d23b7624c72937670aac 9008 science optional dcmtk_3.6.7-9~deb12u3_i386-buildd.buildinfo 2e02d1b5c499f7839f92f593cf08649e 901212 science optional dcmtk_3.6.7-9~deb12u3_i386.deb 861cf786e6c639ed5bdfefd671fcdffc 1013164 libdevel optional libdcmtk-dev_3.6.7-9~deb12u3_i386.deb 30d271e878e21635045ae89b77aab17a 62335052 debug optional libdcmtk17-dbgsym_3.6.7-9~deb12u3_i386.deb dd30c4d6c1e9d0ca2a4b20889a501fbb 5355256 libs optional libdcmtk17_3.6.7-9~deb12u3_i386.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmfMrWQACgkQPyQET5WC Y92eHA/9HqJp4NjDG6qSrCUywHlYOCdK5Ahwd2MEWsku0KSwiP4nKlh2y7hFqRe1 rZvRGvd2Zzk0xYqcvL7nGNR1lqkgtnFdwrdpQHuKbxD9PLvoVbbd+K0qxkYsJWQm suPZXTDozfl8vK0BpzzMZEqAKlWPq6fpuSuMgBa8mltPBtfpWK2fosC9qJ0FL8wk dGxHVWX2UjCNlwNBYxTG2ltVs/uDFspu41DhdzxSsiaNFezZsLhT1iwpMCOAJFCp y6RODKo3ykla26QhjfnwKFtFmvTNSmS7g68kAncoRycthtFKQPH7qXFxJPx5WLD4 CoAtRn4FdOCkDCr9Qm1UG7vqWRxCJgLIB1Nzp71HrN8Twnm73Je+e0Es360P6Yqc FVNV57aTt2spnyleUmpZ+vDx3E9vhGbaPWiDgzkvjluFZLVhFC3cRJRTrQAfok4U CTR7OgRRU0T7ARynPdIrwTdgd7VmZ0p2YOpvkj28wchURaMXC98lJyTozowiEnvE efiVJc2Fdymq4EVzm1DvkW+/s5N49434EIaW/ivFIqw/XcVFEYJ/Y9ht0M4QoDrM 9lYCNmS70x0ENQPVb3PR8gzAEzRA6WNKPk3av9BBj9XzgxzujS0qVP2MIZSoKJjL LbnQDLY4x7HhsHebkf+CQztY/tagkbD2HvIdjl18k7BRW897cMA= =wMhS -----END PGP SIGNATURE-----