-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 20 Feb 2025 21:59:03 +0100 Source: dcmtk Binary: dcmtk dcmtk-dbgsym libdcmtk-dev libdcmtk17 libdcmtk17-dbgsym Architecture: amd64 Version: 3.6.7-9~deb12u3 Distribution: bookworm Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Étienne Mollier Description: dcmtk - OFFIS DICOM toolkit command line utilities libdcmtk-dev - OFFIS DICOM toolkit development libraries and headers libdcmtk17 - OFFIS DICOM toolkit runtime libraries Closes: 1070207 1098373 1098374 Changes: dcmtk (3.6.7-9~deb12u3) bookworm; urgency=medium . * Team upload. * Introduce patch series to fix CVE-2024-28130. This change introduces the patches: * 0001-Fixed-unchecked-typecasts-of-DcmItem-search-results.patch * 0002-Fixed-unchecked-typecasts-and-fixed-LUT-handling.patch * 0003-Fixed-wrong-error-handling-previous-commit.patch mapping to upstream commits: * dc6a2446dc03c9db90f82ce17a597f2cd53776c5 * 601b227eecaab33a3a3a11dc256d84b1a62f63af * 7d54f8efec995e5601d089fa17b0625c2b41af23 with the nuance that upstream check functions are inlined, in order to avoid an ABI breakage. Thanks to Adrian Bunk (Closes: #1070207) * 0009-CVE-2025-25475.patch: new: fix CVE-2025-25475. (Closes: #1098373) * 0010-CVE-2025-25474.patch: new: fix CVE-2025-25474. (Closes: #1098374) * 0011-CVE-2025-25472.patch: new: fix CVE-2025-25472. Checksums-Sha1: dff9e5aef8d86370a62410a0a012343d4a70e433 5500908 dcmtk-dbgsym_3.6.7-9~deb12u3_amd64.deb 429838bf4ba387ad94feaee118e5d82ed8f0cdb7 9077 dcmtk_3.6.7-9~deb12u3_amd64-buildd.buildinfo 8178a80f5cd44b9e80e5b8aea65493eabc8e47df 886452 dcmtk_3.6.7-9~deb12u3_amd64.deb d8959df5ebb13aadb20ae2fba34cac96545e8ec0 1013108 libdcmtk-dev_3.6.7-9~deb12u3_amd64.deb df8e520b419ebf329abdd1c3b8dfd9a4ea4a284b 65474260 libdcmtk17-dbgsym_3.6.7-9~deb12u3_amd64.deb d728064f9b4ce60ab05a4d4061e18a769d7e82a6 5074328 libdcmtk17_3.6.7-9~deb12u3_amd64.deb Checksums-Sha256: da151ed4d8bb2df173d10fe67188b4a2330297f9f5bc8264c353f74e71e49025 5500908 dcmtk-dbgsym_3.6.7-9~deb12u3_amd64.deb bf50a745777ca42ee07575b0c8acd7bf312ebdd30e27d0ea02346dd8928cfe12 9077 dcmtk_3.6.7-9~deb12u3_amd64-buildd.buildinfo c761e25c9ca6fce4fb33c7de1f40e5bb17b817a351930a81628040b7e7669897 886452 dcmtk_3.6.7-9~deb12u3_amd64.deb a3cdc857ab9d7f396f07932cd847f57666db4ae9543d8a16f13710321c039949 1013108 libdcmtk-dev_3.6.7-9~deb12u3_amd64.deb c2ad8dbbb8ca7148def3d196e54b0b24d3ecf0c925b7b3f3beea042c68041b52 65474260 libdcmtk17-dbgsym_3.6.7-9~deb12u3_amd64.deb 169a256c2b574cfedf816953e1c04361d8467e1f3908c6a3c7f0f18c16b4404e 5074328 libdcmtk17_3.6.7-9~deb12u3_amd64.deb Files: 4b6c6b277e23ddde8cd080e9a86a67f8 5500908 debug optional dcmtk-dbgsym_3.6.7-9~deb12u3_amd64.deb d2c3bf86e3d27a6572aae73037f80bca 9077 science optional dcmtk_3.6.7-9~deb12u3_amd64-buildd.buildinfo 5aaa94b3040b1ebd5fe58f5a0abedd2a 886452 science optional dcmtk_3.6.7-9~deb12u3_amd64.deb ec6b29a1dbdfe9b0e3ee3c3565502540 1013108 libdevel optional libdcmtk-dev_3.6.7-9~deb12u3_amd64.deb 72660da4c432e270f27e78b2bfaeb6f0 65474260 debug optional libdcmtk17-dbgsym_3.6.7-9~deb12u3_amd64.deb 8140228a3bf29e3ad229a3e60b6bfb54 5074328 libs optional libdcmtk17_3.6.7-9~deb12u3_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmfMrVwACgkQOni7ZmUp KEdldA//SS7YfzGXPAY9xl3PUtkaungAirFgNpfpGPFbtcepMhdS5G3r6Pyax9qV U/nR5qu2tGcMNs4i0wefbYc68Cbh4up6tL/vAUnYwYr/VTvqXvoxUdcYaJgcnDeI X9oH95X7BNFwpQsyOlwcItMOerejJ16HksTka8eNWlGMjl4gv1BYrz3E5nNqS4lK ktbOKJCaHGPSci9f6VLdbWwEdycLYlWQB1f6MV9u7FSHVznWvviQ88hQ15DN2H97 hUgtSvxNDAAnpVDnWp1ZPlA+f/cHGUqyvuQrnAH6Ojv4mR8udjOyOw5Eh3ivJWl0 8mvXbWUaNXN1U1MNDIXfuYqQtakOQd43HNhJWqL+SKG2jmqgCjTQ6lMLT1hSWim7 9i7FAnR4HqRcTBo1mFA/h5jtmiwVgmE+O8CvA9pMrQZtqUrIDq8GOFgKtfHWDmIy V7Hi9GEqUz546+9g/wSDnc1Tp3C4O5GSqNoerDev/CvtGGfqxZZ1HmoW6rulT7c2 1/MnhQKkCstt0+yhP+hgjeBKC6yhOKtaCdyQGJJ2TEJuv9jp3SwgvpQVkzYigAk/ gRZBmr+6JQcUR1O0L+OWKEYSrk4vNj2a2Ryp3bI9f3FKR8SE2Axwv7ToXf8P0gt0 VVLOpnGMyB6HAhTE30xRtLUe/hBj8bxD4XfRL2MAUk1+9gGVRqk= =0BLS -----END PGP SIGNATURE-----