-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 20 Feb 2025 21:59:03 +0100 Source: dcmtk Binary: dcmtk dcmtk-dbgsym libdcmtk-dev libdcmtk17 libdcmtk17-dbgsym Architecture: s390x Version: 3.6.7-9~deb12u3 Distribution: bookworm Urgency: medium Maintainer: s390x Build Daemon (zani) Changed-By: Étienne Mollier Description: dcmtk - OFFIS DICOM toolkit command line utilities libdcmtk-dev - OFFIS DICOM toolkit development libraries and headers libdcmtk17 - OFFIS DICOM toolkit runtime libraries Closes: 1070207 1098373 1098374 Changes: dcmtk (3.6.7-9~deb12u3) bookworm; urgency=medium . * Team upload. * Introduce patch series to fix CVE-2024-28130. This change introduces the patches: * 0001-Fixed-unchecked-typecasts-of-DcmItem-search-results.patch * 0002-Fixed-unchecked-typecasts-and-fixed-LUT-handling.patch * 0003-Fixed-wrong-error-handling-previous-commit.patch mapping to upstream commits: * dc6a2446dc03c9db90f82ce17a597f2cd53776c5 * 601b227eecaab33a3a3a11dc256d84b1a62f63af * 7d54f8efec995e5601d089fa17b0625c2b41af23 with the nuance that upstream check functions are inlined, in order to avoid an ABI breakage. Thanks to Adrian Bunk (Closes: #1070207) * 0009-CVE-2025-25475.patch: new: fix CVE-2025-25475. (Closes: #1098373) * 0010-CVE-2025-25474.patch: new: fix CVE-2025-25474. (Closes: #1098374) * 0011-CVE-2025-25472.patch: new: fix CVE-2025-25472. Checksums-Sha1: 615037d015f09c48396454bbce2105d1a2dda6d8 4859368 dcmtk-dbgsym_3.6.7-9~deb12u3_s390x.deb bec512e4def9b3f50dc8b79faa56de9f27fdff6a 8933 dcmtk_3.6.7-9~deb12u3_s390x-buildd.buildinfo 8722d9d6d3eece330e462a988f8bc472bd2e7166 801984 dcmtk_3.6.7-9~deb12u3_s390x.deb b217af18811a8cf96f443fb320d9bfac4c72744c 1013200 libdcmtk-dev_3.6.7-9~deb12u3_s390x.deb 9fca5de819f5a51da3ef69f8f5d975582a28fab4 63406168 libdcmtk17-dbgsym_3.6.7-9~deb12u3_s390x.deb 26db51f98839317a70feae1d204ec829be872a6e 4311620 libdcmtk17_3.6.7-9~deb12u3_s390x.deb Checksums-Sha256: 0afccea25b7b065d8fd7c21133880d467c4a433a7c483179b1ecf70792d3ab58 4859368 dcmtk-dbgsym_3.6.7-9~deb12u3_s390x.deb 287412b256d89b915a020a4a0daa564fd8cb4af382272cd9df5d31068c29b991 8933 dcmtk_3.6.7-9~deb12u3_s390x-buildd.buildinfo ea9c7abe92b2f95713b07bc5d562759a01c379cadd48cf599f428190a082ec47 801984 dcmtk_3.6.7-9~deb12u3_s390x.deb b90886229177e175ef5a9eaad72fab132ece7b3b6fe25cf4235b0ae2f728adbb 1013200 libdcmtk-dev_3.6.7-9~deb12u3_s390x.deb 4892c3e483dfe01825c668f4b93a035d8bd80a1b9f0abcab24aff05febecc42b 63406168 libdcmtk17-dbgsym_3.6.7-9~deb12u3_s390x.deb b804f70533850232497bed297ece027507fa67e22ced050bd7e3dc3624d49f54 4311620 libdcmtk17_3.6.7-9~deb12u3_s390x.deb Files: 5a60f104e591b5a1b29d248a4e724cf6 4859368 debug optional dcmtk-dbgsym_3.6.7-9~deb12u3_s390x.deb a629d8995423736c17cceade9bc90046 8933 science optional dcmtk_3.6.7-9~deb12u3_s390x-buildd.buildinfo 6a9dc497fec72927615700998e0c7508 801984 science optional dcmtk_3.6.7-9~deb12u3_s390x.deb 8f863ca01d7646fbe1e7065ef2ab1268 1013200 libdevel optional libdcmtk-dev_3.6.7-9~deb12u3_s390x.deb f00a8142b3befba9c651d38360aab144 63406168 debug optional libdcmtk17-dbgsym_3.6.7-9~deb12u3_s390x.deb 1233d8b155695ec3b213575cbfad9a8a 4311620 libs optional libdcmtk17_3.6.7-9~deb12u3_s390x.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZTC4/c20pi1/n7UBUhVQ83ojQ7QFAmfMrioACgkQUhVQ83oj Q7SCFBAArHP+631NfOqA8yY7Ocdf957dpVuzNbPTYr6EYCnUv7Liaf7Mr6jViKKA xyyg/SsEXZq0iKukL/QFq+YEc2gHc37FyLY94E0E7yVFHPHSlgoZBnoEJ9gJUewO sDSZ03HrhpsHj6vmvPa5eZjcyIcQhGlSgIGqdl2wd9Dpfq32TOFaxByRTZKE8H0c oPfN4s24rHRwYtPEwop6qdyk+PTZZ0QIlXNVGdYyYvW5rmGG+YipWigq/tPsTiFp dhvd6Qu1TNwGcTztnrqjPL0LRo2/Ln8S0Ws8mcFOlYT0so7HJLwPwj+pRCTiGTg+ Zkw8Z/JSHDovPz4Fjix3zw5sMuL+AFafMjcAn1u/95/+i7OVwXia/06+YGzuOj+J eeuqGR2akPWdyw2OSJsSDKBAB7dSGtJc2yhp4Ke7WH1T5Mtv5tMwoAKC20CaOltR otz8mjUXNMl7pc3dw4FxItmoQANhnynFH4aSLNv8F4rLRrKa1ICPKGqxrc9XRA4k hgrSww5yz4LOTc8mFngA61TfCVt3HcsAbDzqmyY4uX1vJFT3vpLEMpbDMlUjMxXY cC0YXgRTmNbYrrHBPFxm+kTFp1uWVmxLqKJkQgxu814Pu0n4hKyCfrjf//1ialoR Q9n+nrj3Y4qZB6+CKziKi61CBxw45zI/gCbya3vkoqFZjT3evp0= =L1tX -----END PGP SIGNATURE-----