[med-svn] [Git][med-team/xmedcon][debian/bookworm] 2 commits: CVE-2024-29421.patch: add a DEP3 header.

Étienne Mollier (@emollier) gitlab at salsa.debian.org
Wed Aug 7 16:53:41 BST 2024 


Étienne Mollier pushed to branch debian/bookworm at Debian Med / xmedcon


Commits:
65064b90 by Étienne Mollier at 2024-08-07T17:50:49+02:00
CVE-2024-29421.patch: add a DEP3 header.

Gbp-Dch: ignore

- - - - -
fdbf9bc9 by Étienne Mollier at 2024-08-07T17:51:56+02:00
Bump changelog timestamp, ready for upload to p-u.

- - - - -


2 changed files:

- debian/changelog
- debian/patches/CVE-2024-29421.patch


Changes:

=====================================
debian/changelog
=====================================
@@ -3,7 +3,7 @@ xmedcon (0.23.0-gtk3+dfsg-1+deb12u1) bookworm; urgency=medium
   * Team upload.
   * CVE-2024-29421.patch: new: fix CVE-2024-29421. (Closes: #1077369)
 
- -- Étienne Mollier <emollier at debian.org>  Mon, 29 Jul 2024 22:22:14 +0200
+ -- Étienne Mollier <emollier at debian.org>  Wed, 07 Aug 2024 17:51:22 +0200
 
 xmedcon (0.23.0-gtk3+dfsg-1) unstable; urgency=medium
 


=====================================
debian/patches/CVE-2024-29421.patch
=====================================
@@ -1,3 +1,17 @@
+Description: Prevent overflow of value before a malloc().
+ This patch includes commits a35cd9b856c23e20cc1753e36cd9228391366082
+ from upstream, and 5131a648f09a82c26088b340bdd983fd09a6e19e for
+ additional error messaging.  This fixes CVE-2024-29421.
+
+Author: Erik Nolf
+Origin: upstream,
+        https://sourceforge.net/p/xmedcon/code/ci/5131a648f09a82c26088b340bdd983fd09a6e19e/,
+        https://sourceforge.net/p/xmedcon/code/ci/434925fca63c855dd6d24e4c018c2fa745646f9e/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077369
+Reviewed-by: Étienne Mollier <emollier at debian.org>
+Last-Update: 2024-08-07
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 --- a/libs/dicom/basic.c
 +++ b/libs/dicom/basic.c
 @@ -401,6 +401,16 @@ int dicom_load(VR vr)



View it on GitLab: https://salsa.debian.org/med-team/xmedcon/-/compare/ef26c3773604c70866506769983cd75d8d551a72...fdbf9bc9c0e26158ba0f5d9415b213ec1e22ebbb

-- 
View it on GitLab: https://salsa.debian.org/med-team/xmedcon/-/compare/ef26c3773604c70866506769983cd75d8d551a72...fdbf9bc9c0e26158ba0f5d9415b213ec1e22ebbb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-commit/attachments/20240807/83349f9b/attachment-0001.htm>

More information about the debian-med-commit mailing list