[med-svn] [Git][med-team/dcmtk][master] 4 commits: d/control: relax dependency on dcmtk-data. Closes: #1098944
Mathieu Malaterre (@malat)
gitlab at salsa.debian.org
Fri Mar 21 12:23:43 GMT 2025
Mathieu Malaterre pushed to branch master at Debian Med / dcmtk
Commits:
57a577d7 by Mathieu Malaterre at 2025-03-21T12:47:15+01:00
d/control: relax dependency on dcmtk-data. Closes: #1098944
- - - - -
cbee9c66 by Mathieu Malaterre at 2025-03-21T12:47:18+01:00
0012-CVE-2025-2357.patch: new: fix CVE-2025-2357.
Closes: #1100724
- - - - -
55152287 by Mathieu Malaterre at 2025-03-21T13:21:22+01:00
documentation: Spring cleanups. Closes: #1095639
- - - - -
bb07d8ba by Mathieu Malaterre at 2025-03-21T13:21:25+01:00
d/changelog: Upload 3.6.9-5 to unstable
- - - - -
13 changed files:
- − debian/NEWS
- debian/changelog
- debian/control
- debian/dcmtk-data.install
- − debian/dcmtk.NEWS
- debian/dcmtk.README.Debian
- debian/dcmtk.docs
- debian/dcmtk.examples
- debian/dcmtk.install
- + debian/patches/0012-CVE-2025-2357.patch
- debian/patches/remove_version.patch
- debian/patches/series
- debian/tests/run-unit-test
Changes:
=====================================
debian/NEWS deleted
=====================================
@@ -1,24 +0,0 @@
-dcmtk (3.6.1~20150924-1) unstable; urgency=medium
-
- With this new snapshot upstream removed the wwwapps tools and
- perl scripts that were developed for the CAR 1996 modality showcase, and
- that are largely unused and unsupported.
-
- -- Gert Wollny <gw.fossdev at gmail.com> Tue, 01 Dec 2015 02:46:03 +0100
-
-dcmtk (3.6.1~20150629-2) unstable; urgency=medium
-
- Version 3.6.1 has compatible change of the index.dat format that is not
- backward compatible, and the current dcmtk is trashing the memory (one
- byte of) when using dcmqrscp. All files in
-
- /var/lib/dcmtk/*/index.dat
-
- that are create with version 3.6.0 or before will be corrupted and
- users need to reconstruct the db.
-
- The interested user might like to inspect the upstream commit
-
- http://git.dcmtk.org/web?p=dcmtk.git;a=commitdiff;h=c8423ab1fcf0273061462697b8eca56f894984c7
-
- -- Andreas Tille <tille at debian.org> Thu, 08 Oct 2015 13:06:03 +0200
=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+dcmtk (3.6.9-5) unstable; urgency=medium
+
+ * d/control: relax dependency on dcmtk-data. Closes: #1098944
+ * 0012-CVE-2025-2357.patch: new: fix CVE-2025-2357. (Closes: #1100724)
+ * documentation: Spring cleanups. Closes: #1095639
+
+ -- Mathieu Malaterre <malat at debian.org> Fri, 21 Mar 2025 12:45:44 +0100
+
dcmtk (3.6.9-4) unstable; urgency=medium
* Team upload.
=====================================
debian/control
=====================================
@@ -52,7 +52,7 @@ Description: OFFIS DICOM toolkit data files
Package: libdcmtk19
Architecture: any
Section: libs
-Depends: dcmtk-data (= ${source:Version}), ${misc:Depends}, ${shlibs:Depends}
+Depends: dcmtk-data (>= ${source:Version}), ${misc:Depends}, ${shlibs:Depends}
Multi-Arch: same
Description: OFFIS DICOM toolkit runtime libraries
DCMTK includes a collection of libraries and applications for examining,
=====================================
debian/dcmtk-data.install
=====================================
@@ -1,3 +1,3 @@
-usr/share/dcmtk-3.6.9/*.dic
-usr/share/dcmtk-3.6.9/csmapper/
-usr/share/dcmtk-3.6.9/esdb/
+usr/share/dcmtk/*.dic
+usr/share/dcmtk/csmapper/
+usr/share/dcmtk/esdb/
=====================================
debian/dcmtk.NEWS deleted
=====================================
@@ -1,137 +0,0 @@
-dcmtk (3.6.0-1) unstable; urgency=low
-
- Version 3.6.0 of the OFFIS DCMTK (DICOM ToolKit) software is now available for
- public release. This release includes the following main changes over the
- previous version 3.5.4:
-
- - DCMTK 3.6.0 now also builds correctly with GNU gcc 4.1 (and higher), Visual
- Studio 2008 and 2010.
-
- - Tested with latest versions of the following operating systems/environments:
-
- - Linux on x86 and x86_64
- - FreeBSD on x86 and x86_64
- - MacOS X on x86_64
- - Windows on x86 and x86_64
- - Cygwin and MinGW/MSys on x86
-
- For a complete list of tested systems and compilers, see the INSTALL file.
-
- - The CMake build system can now also be used with other operating systems than
- Windows. However, GNU autoconf is still supported and should be preferred on
- systems where the CMake project files fail.
-
- - New module oflog introduces a unified DCMTK-wide approach for logging based
- on the log4cplus library. Direct output to console, file, syslog and event
- log. All DCMTK command line tools now have the same set of logging options.
-
- - New module dcmjpls adds support for JPEG-LS compressed DICOM images based on
- the CharLS library. The tools dcmcjpls and dcmdjpls allow for compressing
- and decompressing DICOM images with JPEG-LS from the command line.
-
- - New tool img2dcm allows for converting JPEG and BMP images to various DICOM
- image IODs, e.g. old and new Secondary Capture, Visible Light Photographic.
- The underlying C++ class library can also be used separately.
-
- - New tool dcm2pdf allows for extracting PDF files from DICOM Encapsulated PDF
- Storage SOP instances.
-
- - New tool dcml2pnm allows for converting JPEG-LS compressed DICOM images to
- standard image formats like TIFF or BMP.
-
- - The tools dcmdump and storescu have new options for searching directories
- recursively for DICOM files.
-
- - The tool dcmdump now also has a colored output of the textual dump. So far,
- this option is available on non-Windows systems only (uses ANSI escape code).
-
- - The tool dcmodify now also supports reading the value of insert and modify
- statements from a file. This is especially useful for large element values.
-
- - The tool dsr2html now also supports the output in HTML 4.01 and XHTML 1.1
- format. There are also new options that affect the rendering result.
-
- - The tool dump2dcm now also supports compressed pixel data. In addition,
- the memory requirements for very large data elements have been reduced.
-
- - The tool xml2dcm can now also read binary data (e.g. pixel data) from a
- separate file. The corresponding feature is not yet available in dcm2xml.
-
- - The tool storescp now has a new option that allows for accepting all
- supported transfer syntaxes on a single association.
-
- - The tool wlmscpfs now supports multi-process mode both on Posix and Windows
- platforms where a new child process is created for each incoming association.
-
- - Refactored code of the tool findscu into a C++ class. This facilitates
- re-use of the findscu code in other applications.
-
- - Added further "switches" to the dcmdata module which allow one to better cope
- with incorrectly encoded DICOM files or datasets. These switches are also
- available as new options to the tools dcmdump and dcmconv.
-
- - The dcmdata module now also gives access to partial attribute values without
- loading the complete attribute value into memory, if kept in file.
-
- - The write methods in dcmdata now handle large raw data elements without
- loading everything into memory. This allows very large images to be sent
- over a network connection or to be copied without ever being fully in memory.
-
- - The dcmdata module now has a common interface for the frame-wise access to
- compressed and uncompressed pixel data without ever loading the complete
- object into main memory.
-
- - The dcmimgle/dcmimage module makes use of the new partial access to pixel
- data for processing large multi-frame images in a stepwise manner.
-
- - The dcmimgle/dcmimage module and related tools now also support a new
- bilinear and a bicubic scaling algorithm for image magnification.
- Furthermore, the sigmoid VOI LUT function has been implemented.
-
- - Added support for Colon CAD SR, Spectacle Prescription Report, Macular Grid
- Thickness and Volume Report as well as Implantation Plan SR documents to the
- dcmsr module.
-
- - Incorporated fixes to dcmsr module which were introduced by various
- correction proposals. Added support for the new optional Preliminary Flag.
-
- - DICOMDIR tools and classes now support all new SOP classes and directory
- record types. Also added a new operating mode that allows for updating
- existing entries in a DICOMDIR.
-
- - Introduced general path syntax for accessing nested elements from command
- line tools like findscu or dcmodify.
-
- - Added methods for checking the value representation (VR) and value
- multiplicity (VM) of data elements for conformance with the DICOM standard.
-
- - Network tools now support transmission and receipt of JPEG-LS and MPEG2
- transfer syntaxes.
-
- - Added support for the extended negotiation of user identity to the dcmnet
- module. The first tool that makes use of this new feature is storescu.
-
- - Introduced new experimental SCU and SCP classes that act as a C++ wrapper to
- the still C-based dcmnet module.
-
- - Added new class OFFile that provides a simple encapsulation layer for file
- based stream I/O and, in particular, provides large file support (LFS) if
- available on the underlying operating system/platform through a single API.
-
- - Out of the box compilation with OpenSSL 1.0.0 is now supported.
-
- - Revised installation directory scheme in order to be more compliant with the
- Filesystem Hierarchy Standard (FHS) and derived file system standards.
-
- - Added data dictionary including private ASTM tags from DICONDE (Digital
- Imaging and Communication in Nondestructive Evaluation) standard.
-
- - The DICOM data dictionary as well as the list of SOP classes and transfer
- syntaxes have been re-worked based on the latest edition of the DICOM
- standard plus all additionally approved supplements and correction proposals
- (as of 2010-11-30). Please note that there have been minor name changes!
-
- - Many bug fixes and minor improvements as usual - see the more than 12,000
- lines long CHANGES.360 file for more details.
-
- -- Mathieu Malaterre <mathieu.malaterre at gmail.com> Tue, 08 Feb 2011 19:14:53 +0100
=====================================
debian/dcmtk.README.Debian
=====================================
@@ -147,20 +147,4 @@ and
http://forum.dcmtk.org/
----
-
-DCMTK on Debian is either build using ICU or stdlibc (iconv) to support
-CharacterSet in DICOM. However full support for CharacterSet is only
-implemented in libiconv. Since Debian does not ship libiconv, user may get the
-following error message for the non-supported CharacterSet (ISO 2022 IR 87 in
-this case):
-
-E: DcmSpecificCharacterSet: 'ISO 2022 IR 87' is not supported by the utilized
- character set conversion library 'ICU, Version 63.1.0'
-
-or
-
-E: DcmSpecificCharacterSet: 'ISO 2022 IR 87' is not supported by the utilized
- character set conversion library 'GNU C library (iconv), version 2.28'
-
- -- Mathieu Malaterre <malat at debian.org> Thu, 20 May 2021 11:36:10 +0200
+ -- Mathieu Malaterre <malat at debian.org> Fri, 21 Mar 2025 12:42:50 +0100
=====================================
debian/dcmtk.docs
=====================================
@@ -1,3 +1,2 @@
FAQ
README
-debian/NEWS
=====================================
debian/dcmtk.examples
=====================================
@@ -1,2 +1,2 @@
-usr/share/dcmtk-3.6.9/wlistdb
-usr/share/dcmtk-3.6.9/wlistqry
+usr/share/dcmtk/wlistdb
+usr/share/dcmtk/wlistqry
=====================================
debian/dcmtk.install
=====================================
@@ -1,8 +1,8 @@
etc/dcmtk/*
usr/bin/*
-usr/share/dcmtk-3.6.9/*.css
-usr/share/dcmtk-3.6.9/*.dump
-usr/share/dcmtk-3.6.9/*.lut
-usr/share/dcmtk-3.6.9/dcm2xml.dtd
-usr/share/dcmtk-3.6.9/dsr2xml.xsd
-usr/share/dcmtk-3.6.9/dumppat.txt
+usr/share/dcmtk/*.css
+usr/share/dcmtk/*.dump
+usr/share/dcmtk/*.lut
+usr/share/dcmtk/dcm2xml.dtd
+usr/share/dcmtk/dsr2xml.xsd
+usr/share/dcmtk/dumppat.txt
=====================================
debian/patches/0012-CVE-2025-2357.patch
=====================================
@@ -0,0 +1,512 @@
+From: Marco Eichelberg <eichelberg at offis.de>
+Date: Mon, 3 Mar 2025 11:33:18 +0000 (+0100)
+Subject: Fixed segfault in JPEG-LS decoder.
+X-Git-Url: http://git.dcmtk.org/?p=dcmtk.git;a=commitdiff_plain;h=3239a791542e1ea433d23aaa9e0a05a532ffabff;hp=92fc86e9e8d0808880bcc82e25982b2a61323cb8
+
+Fixed segfault in JPEG-LS decoder.
+
+Fixed a bug in the JPEG-LS decoder that led to a segmentation fault if invalid
+input data was processed, due to insufficient validation of input data.
+
+Thanks to Ding zhengzheng <xiaozheng.ding399 at gmail.com> for the report
+and the sample file (PoC).
+
+This closes DCMTK issue #1155.
+---
+
+diff --git a/dcmjpls/libcharls/scan.h b/dcmjpls/libcharls/scan.h
+index b4dea20d8..f13098104 100644
+--- a/dcmjpls/libcharls/scan.h
++++ b/dcmjpls/libcharls/scan.h
+@@ -1,6 +1,6 @@
+-//
+-// (C) Jan de Vaan 2007-2010, all rights reserved. See the accompanying "License.txt" for licensed use.
+-//
++//
++// (C) Jan de Vaan 2007-2010, all rights reserved. See the accompanying "License.txt" for licensed use.
++//
+
+ #ifndef CHARLS_SCAN
+ #define CHARLS_SCAN
+@@ -11,7 +11,7 @@
+
+ #include "lokuptbl.h"
+
+-// This file contains the code for handling a "scan". Usually an image is encoded as a single scan.
++// This file contains the code for handling a "scan". Usually an image is encoded as a single scan.
+
+ #include DCMTK_DIAGNOSTIC_IGNORE_CONST_EXPRESSION_WARNING
+
+@@ -21,10 +21,10 @@ extern OFVector<signed char> rgquant10Ll;
+ extern OFVector<signed char> rgquant12Ll;
+ extern OFVector<signed char> rgquant16Ll;
+ //
+-// Apply
++// Apply
+ //
+ inlinehint LONG ApplySign(LONG i, LONG sign)
+-{ return (sign ^ i) - sign; }
++{ return (sign ^ i) - sign; }
+
+
+
+@@ -58,20 +58,20 @@ inlinehint LONG GetPredictedValue(LONG Ra, LONG Rb, LONG Rc)
+
+ inlinehint LONG GetPredictedValue(LONG Ra, LONG Rb, LONG Rc)
+ {
+- // sign trick reduces the number of if statements (branches)
++ // sign trick reduces the number of if statements (branches)
+ LONG sgn = BitWiseSign(Rb - Ra);
+
+- // is Ra between Rc and Rb?
++ // is Ra between Rc and Rb?
+ if ((sgn ^ (Rc - Ra)) < 0)
+ {
+ return Rb;
+- }
++ }
+ else if ((sgn ^ (Rb - Rc)) < 0)
+ {
+ return Ra;
+ }
+
+- // default case, valid if Rc element of [Ra,Rb]
++ // default case, valid if Rc element of [Ra,Rb]
+ return Ra + Rb - Rc;
+ }
+
+@@ -110,7 +110,7 @@ public:
+
+ public:
+
+- JlsCodec(const TRAITS& inTraits, const JlsParameters& info) : STRATEGY(info),
++ JlsCodec(const TRAITS& inTraits, const JlsParameters& info) : STRATEGY(info),
+ traits(inTraits),
+ _rect(),
+ _width(0),
+@@ -120,13 +120,13 @@ public:
+ _RUNindex(0),
+ _pquant(0),
+ _bCompare(0)
+-
++
+ {
+ if (Info().ilv == ILV_NONE)
+ {
+ Info().components = 1;
+ }
+- }
++ }
+
+
+ void SetPresets(const JlsCustomParameters& presets)
+@@ -135,9 +135,9 @@ public:
+
+ InitParams(presets.T1 != 0 ? presets.T1 : presetDefault.T1,
+ presets.T2 != 0 ? presets.T2 : presetDefault.T2,
+- presets.T3 != 0 ? presets.T3 : presetDefault.T3,
++ presets.T3 != 0 ? presets.T3 : presetDefault.T3,
+ presets.RESET != 0 ? presets.RESET : presetDefault.RESET);
+- }
++ }
+
+
+ bool IsInterleaved()
+@@ -155,13 +155,13 @@ public:
+
+ signed char QuantizeGratientOrg(LONG Di);
+ inlinehint LONG QuantizeGratient(LONG Di)
+- {
++ {
+ ASSERT(QuantizeGratientOrg(Di) == *(_pquant + Di));
+- return *(_pquant + Di);
++ return *(_pquant + Di);
+ }
+
+ void InitQuantizationLUT();
+-
++
+ LONG DecodeValue(LONG k, LONG limit, LONG qbpp);
+ inlinehint void EncodeMappedValue(LONG k, LONG mappedError, LONG limit);
+
+@@ -216,27 +216,27 @@ public:
+ {
+ LONG sign = BitWiseSign(Qs);
+ JlsContext& ctx = _contexts[ApplySign(Qs, sign)];
+- LONG k = ctx.GetGolomb();
+- LONG Px = traits.CorrectPrediction(pred + ApplySign(ctx.C, sign));
++ LONG k = ctx.GetGolomb();
++ LONG Px = traits.CorrectPrediction(pred + ApplySign(ctx.C, sign));
+
+ LONG ErrVal;
+ const Code& code = decodingTables[k].Get(STRATEGY::PeekByte());
+ if (code.GetLength() != 0)
+ {
+ STRATEGY::Skip(code.GetLength());
+- ErrVal = code.GetValue();
++ ErrVal = code.GetValue();
+ ASSERT(ABS(ErrVal) < 65535);
+ }
+ else
+ {
+- ErrVal = UnMapErrVal(DecodeValue(k, traits.LIMIT, traits.qbpp));
++ ErrVal = UnMapErrVal(DecodeValue(k, traits.LIMIT, traits.qbpp));
+ if (ABS(ErrVal) > 65535)
+ throw JlsException(InvalidCompressedData);
+- }
++ }
+ ErrVal = ErrVal ^ ((traits.NEAR == 0) ? ctx.GetErrorCorrection(k) : 0);
+- ctx.UpdateVariables(ErrVal, traits.NEAR, traits.RESET);
++ ctx.UpdateVariables(ErrVal, traits.NEAR, traits.RESET);
+ ErrVal = ApplySign(ErrVal, sign);
+- return traits.ComputeReconstructedSample(Px, ErrVal);
++ return traits.ComputeReconstructedSample(Px, ErrVal);
+ }
+
+
+@@ -245,7 +245,7 @@ public:
+ LONG sign = BitWiseSign(Qs);
+ JlsContext& ctx = _contexts[ApplySign(Qs, sign)];
+ LONG k = ctx.GetGolomb();
+- LONG Px = traits.CorrectPrediction(pred + ApplySign(ctx.C, sign));
++ LONG Px = traits.CorrectPrediction(pred + ApplySign(ctx.C, sign));
+
+ LONG ErrVal = traits.ComputeErrVal(ApplySign(x - Px, sign));
+
+@@ -270,16 +270,16 @@ public:
+ size_t DecodeScan(void* rawData, const JlsRect& size, BYTE **buf, size_t *buf_size, size_t offset, bool bCompare);
+
+ protected:
+- // codec parameters
++ // codec parameters
+ TRAITS traits;
+ JlsRect _rect;
+ int _width;
+- LONG T1;
++ LONG T1;
+ LONG T2;
+- LONG T3;
++ LONG T3;
+
+ // compression context
+- JlsContext _contexts[365];
++ JlsContext _contexts[365];
+ CContextRunMode _contextRunmode[2];
+ LONG _RUNindex;
+ PIXEL* _previousLine; // previous line ptr
+@@ -309,7 +309,7 @@ CTable InitTable(LONG k)
+ CTable table;
+ short nerr;
+ for (nerr = 0; ; nerr++)
+- {
++ {
+ // Q is not used when k != 0
+ LONG merrval = GetMappedErrVal(nerr);//, k, -1);
+ OFPair<LONG, LONG> paircode = CreateEncodedValue(k, merrval);
+@@ -321,7 +321,7 @@ CTable InitTable(LONG k)
+ }
+
+ for (nerr = -1; ; nerr--)
+- {
++ {
+ // Q is not used when k != 0
+ LONG merrval = GetMappedErrVal(nerr);//, k, -1);
+ OFPair<LONG, LONG> paircode = CreateEncodedValue(k, merrval);
+@@ -364,7 +364,7 @@ inlinehint void JlsCodec<TRAITS,STRATEGY>::EncodeMappedValue(LONG k, LONG mapped
+ if (highbits + 1 > 31)
+ {
+ STRATEGY::AppendToBitStream(0, highbits / 2);
+- highbits = highbits - highbits / 2;
++ highbits = highbits - highbits / 2;
+ }
+ STRATEGY::AppendToBitStream(1, highbits + 1);
+ STRATEGY::AppendToBitStream((mappedError & ((1 << k) - 1)), k);
+@@ -374,11 +374,11 @@ inlinehint void JlsCodec<TRAITS,STRATEGY>::EncodeMappedValue(LONG k, LONG mapped
+ if (limit - traits.qbpp > 31)
+ {
+ STRATEGY::AppendToBitStream(0, 31);
+- STRATEGY::AppendToBitStream(1, limit - traits.qbpp - 31);
++ STRATEGY::AppendToBitStream(1, limit - traits.qbpp - 31);
+ }
+ else
+ {
+- STRATEGY::AppendToBitStream(1, limit - traits.qbpp);
++ STRATEGY::AppendToBitStream(1, limit - traits.qbpp);
+ }
+ STRATEGY::AppendToBitStream((mappedError - 1) & ((1 << traits.qbpp) - 1), traits.qbpp);
+ }
+@@ -389,33 +389,33 @@ inlinehint void JlsCodec<TRAITS,STRATEGY>::EncodeMappedValue(LONG k, LONG mapped
+ template<class TRAITS, class STRATEGY>
+ void JlsCodec<TRAITS,STRATEGY>::InitQuantizationLUT()
+ {
+- // for lossless mode with default parameters, we have precomputed te luts for bitcounts 8,10,12 and 16
++ // for lossless mode with default parameters, we have precomputed te luts for bitcounts 8,10,12 and 16
+ if (traits.NEAR == 0 && traits.MAXVAL == (1 << traits.bpp) - 1)
+ {
+ JlsCustomParameters presets = ComputeDefault(traits.MAXVAL, traits.NEAR);
+ if (presets.T1 == T1 && presets.T2 == T2 && presets.T3 == T3)
+ {
+- if (traits.bpp == 8)
++ if (traits.bpp == 8)
+ {
+- _pquant = &rgquant8Ll[rgquant8Ll.size() / 2 ];
++ _pquant = &rgquant8Ll[rgquant8Ll.size() / 2 ];
+ return;
+ }
+- if (traits.bpp == 10)
++ if (traits.bpp == 10)
+ {
+- _pquant = &rgquant10Ll[rgquant10Ll.size() / 2 ];
++ _pquant = &rgquant10Ll[rgquant10Ll.size() / 2 ];
+ return;
+- }
+- if (traits.bpp == 12)
++ }
++ if (traits.bpp == 12)
+ {
+- _pquant = &rgquant12Ll[rgquant12Ll.size() / 2 ];
++ _pquant = &rgquant12Ll[rgquant12Ll.size() / 2 ];
+ return;
+- }
+- if (traits.bpp == 16)
++ }
++ if (traits.bpp == 16)
+ {
+- _pquant = &rgquant16Ll[rgquant16Ll.size() / 2 ];
++ _pquant = &rgquant16Ll[rgquant16Ll.size() / 2 ];
+ return;
+- }
+- }
++ }
++ }
+ }
+
+ LONG RANGE = 1 << traits.bpp;
+@@ -453,7 +453,7 @@ template<class TRAITS, class STRATEGY>
+ LONG JlsCodec<TRAITS,STRATEGY>::DecodeRIError(CContextRunMode& ctx)
+ {
+ LONG k = ctx.GetGolomb();
+- LONG EMErrval = DecodeValue(k, traits.LIMIT - J[_RUNindex]-1, traits.qbpp);
++ LONG EMErrval = DecodeValue(k, traits.LIMIT - J[_RUNindex]-1, traits.qbpp);
+ LONG Errval = ctx.ComputeErrVal(EMErrval + ctx._nRItype, k);
+ ctx.UpdateVariables(Errval, EMErrval);
+ return Errval;
+@@ -466,7 +466,7 @@ void JlsCodec<TRAITS,STRATEGY>::EncodeRIError(CContextRunMode& ctx, LONG Errval)
+ {
+ LONG k = ctx.GetGolomb();
+ bool map = ctx.ComputeMap(Errval, k);
+- LONG EMErrval = 2 * ABS(Errval) - ctx._nRItype - map;
++ LONG EMErrval = 2 * ABS(Errval) - ctx._nRItype - map;
+
+ ASSERT(Errval == ctx.ComputeErrVal(EMErrval + ctx._nRItype, k));
+ EncodeMappedValue(k, EMErrval, traits.LIMIT-J[_RUNindex]-1);
+@@ -476,7 +476,7 @@ void JlsCodec<TRAITS,STRATEGY>::EncodeRIError(CContextRunMode& ctx, LONG Errval)
+
+ template<class TRAITS, class STRATEGY>
+ Triplet<OFTypename TRAITS::SAMPLE> JlsCodec<TRAITS,STRATEGY>::DecodeRIPixel(Triplet<SAMPLE> Ra, Triplet<SAMPLE> Rb)
+-{
++{
+ LONG Errval1 = DecodeRIError(_contextRunmode[0]);
+ LONG Errval2 = DecodeRIError(_contextRunmode[0]);
+ LONG Errval3 = DecodeRIError(_contextRunmode[0]);
+@@ -513,18 +513,18 @@ Triplet<OFTypename TRAITS::SAMPLE> JlsCodec<TRAITS,STRATEGY>::EncodeRIPixel(Trip
+ template<class TRAITS, class STRATEGY>
+ void JlsCodec<TRAITS,STRATEGY>::EncodeRunPixels(LONG runLength, bool endOfLine)
+ {
+- while (runLength >= LONG(1 << J[_RUNindex]))
++ while (runLength >= LONG(1 << J[_RUNindex]))
+ {
+ STRATEGY::AppendOnesToBitStream(1);
+ runLength = runLength - LONG(1 << J[_RUNindex]);
+ IncrementRunIndex();
+ }
+
+- if (endOfLine)
++ if (endOfLine)
+ {
+- if (runLength != 0)
++ if (runLength != 0)
+ {
+- STRATEGY::AppendOnesToBitStream(1);
++ STRATEGY::AppendOnesToBitStream(1);
+ }
+ }
+ else
+@@ -556,7 +556,7 @@ LONG JlsCodec<TRAITS,STRATEGY>::DecodeRunPixels(PIXEL Ra, PIXEL* startPos, LONG
+
+ if (index != cpixelMac)
+ {
+- // incomplete run
++ // incomplete run
+ index += (J[_RUNindex] > 0) ? STRATEGY::ReadValue(J[_RUNindex]) : 0;
+ }
+
+@@ -566,7 +566,7 @@ LONG JlsCodec<TRAITS,STRATEGY>::DecodeRunPixels(PIXEL Ra, PIXEL* startPos, LONG
+ for (LONG i = 0; i < index; ++i)
+ {
+ startPos[i] = Ra;
+- }
++ }
+
+ return index;
+ }
+@@ -582,7 +582,7 @@ LONG JlsCodec<TRAITS,STRATEGY>::DoRunMode(LONG index, EncoderStrategy*)
+
+ LONG runLength = 0;
+
+- while (traits.IsNear(ptypeCurX[runLength],Ra))
++ while (traits.IsNear(ptypeCurX[runLength],Ra))
+ {
+ ptypeCurX[runLength] = Ra;
+ runLength++;
+@@ -629,14 +629,24 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(SAMPLE*)
+ LONG index = 0;
+ LONG Rb = _previousLine[index-1];
+ LONG Rd = _previousLine[index];
++ LONG RANGE_UPPER = 1 << traits.bpp;
++ LONG RANGE_LOWER = - RANGE_UPPER;
+
+ while(index < _width)
+- {
++ {
+ LONG Ra = _currentLine[index -1];
+ LONG Rc = Rb;
+ Rb = Rd;
+ Rd = _previousLine[index + 1];
+
++ // make sure that values are not out of range
++ if ( (Rd - Rb < RANGE_LOWER) || (Rd - Rb > RANGE_UPPER)
++ || (Rb - Rc < RANGE_LOWER) || (Rb - Rc > RANGE_UPPER)
++ || (Rc - Ra < RANGE_LOWER) || (Rc - Ra > RANGE_UPPER))
++ {
++ throw JlsException(InvalidCompressedData);
++ }
++
+ LONG Qs = ComputeContextID(QuantizeGratient(Rd - Rb), QuantizeGratient(Rb - Rc), QuantizeGratient(Rc - Ra));
+
+ if (Qs != 0)
+@@ -648,8 +658,8 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(SAMPLE*)
+ {
+ index += DoRunMode(index, (STRATEGY*)(NULL));
+ Rb = _previousLine[index-1];
+- Rd = _previousLine[index];
+- }
++ Rd = _previousLine[index];
++ }
+ }
+ }
+
+@@ -661,7 +671,7 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(Triplet<SAMPLE>*)
+ {
+ LONG index = 0;
+ while(index < _width)
+- {
++ {
+ Triplet<SAMPLE> Ra = _currentLine[index -1];
+ Triplet<SAMPLE> Rc = _previousLine[index-1];
+ Triplet<SAMPLE> Rb = _previousLine[index];
+@@ -671,7 +681,7 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(Triplet<SAMPLE>*)
+ LONG Qs2 = ComputeContextID(QuantizeGratient(Rd.v2 - Rb.v2), QuantizeGratient(Rb.v2 - Rc.v2), QuantizeGratient(Rc.v2 - Ra.v2));
+ LONG Qs3 = ComputeContextID(QuantizeGratient(Rd.v3 - Rb.v3), QuantizeGratient(Rb.v3 - Rc.v3), QuantizeGratient(Rc.v3 - Ra.v3));
+
+-
++
+ if (Qs1 == 0 && Qs2 == 0 && Qs3 == 0)
+ {
+ index += DoRunMode(index, (STRATEGY*)(NULL));
+@@ -684,19 +694,19 @@ void JlsCodec<TRAITS,STRATEGY>::DoLine(Triplet<SAMPLE>*)
+ Rx.v3 = DoRegular(Qs3, _currentLine[index].v3, GetPredictedValue(Ra.v3, Rb.v3, Rc.v3), (STRATEGY*)(NULL));
+ _currentLine[index] = Rx;
+ index++;
+- }
++ }
+ }
+ }
+
+
+-// DoScan: Encodes or decodes a scan.
++// DoScan: Encodes or decodes a scan.
+ // In ILV_SAMPLE mode, multiple components are handled in DoLine
+ // In ILV_LINE mode, a call do DoLine is made for every component
+-// In ILV_NONE mode, DoScan is called for each component
++// In ILV_NONE mode, DoScan is called for each component
+
+ template<class TRAITS, class STRATEGY>
+ void JlsCodec<TRAITS,STRATEGY>::DoScan(BYTE **ptr, size_t *size, size_t offset)
+-{
++{
+ _width = Info().width;
+
+ STRATEGY::Init(ptr, size, offset);
+@@ -706,11 +716,11 @@ void JlsCodec<TRAITS,STRATEGY>::DoScan(BYTE **ptr, size_t *size, size_t offset)
+
+ OFVector<PIXEL> vectmp(2 * components * pixelstride);
+ OFVector<LONG> rgRUNindex(components);
+-
++
+ for (LONG line = 0; line < Info().height; ++line)
+ {
+- _previousLine = &vectmp[1];
+- _currentLine = &vectmp[1 + components * pixelstride];
++ _previousLine = &vectmp[1];
++ _currentLine = &vectmp[1 + components * pixelstride];
+ if ((line & 1) == 1)
+ {
+ PIXEL *tmp = _previousLine;
+@@ -724,17 +734,17 @@ void JlsCodec<TRAITS,STRATEGY>::DoScan(BYTE **ptr, size_t *size, size_t offset)
+ for (int component = 0; component < components; ++component)
+ {
+ _RUNindex = rgRUNindex[component];
+-
++
+ // initialize edge pixels used for prediction
+ _previousLine[_width] = _previousLine[_width - 1];
+ _currentLine[-1] = _previousLine[0];
+ DoLine((PIXEL*) NULL); // dummy arg for overload resolution
+-
++
+ rgRUNindex[component] = _RUNindex;
+ _previousLine += pixelstride;
+ _currentLine += pixelstride;
+ }
+-
++
+ if (_rect.Y <= line && line < _rect.Y + _rect.Height)
+ {
+ STRATEGY::OnLineEnd(_rect.Width, _currentLine + _rect.X - (components * pixelstride), pixelstride);
+@@ -754,7 +764,7 @@ ProcessLine* JlsCodec<TRAITS,STRATEGY>::CreateProcess(void* pvoidOut)
+ return new PostProcesSingleComponent(pvoidOut, Info(), sizeof(typename TRAITS::PIXEL));
+
+ if (Info().colorTransform == 0)
+- return new ProcessTransformed<TransformNone<OFTypename TRAITS::SAMPLE> >(pvoidOut, Info(), TransformNone<SAMPLE>());
++ return new ProcessTransformed<TransformNone<OFTypename TRAITS::SAMPLE> >(pvoidOut, Info(), TransformNone<SAMPLE>());
+
+ if (Info().bitspersample == sizeof(SAMPLE)*8)
+ {
+@@ -765,7 +775,7 @@ ProcessLine* JlsCodec<TRAITS,STRATEGY>::CreateProcess(void* pvoidOut)
+ case COLORXFORM_HP3 : return new ProcessTransformed<TransformHp3<SAMPLE> >(pvoidOut, Info(), TransformHp3<SAMPLE>()); break;
+ default: throw JlsException(UnsupportedColorTransform);
+ }
+- }
++ }
+ else if (Info().bitspersample > 8)
+ {
+ int shift = 16 - Info().bitspersample;
+@@ -796,7 +806,7 @@ size_t JlsCodec<TRAITS,STRATEGY>::EncodeScan(const void* rawData, BYTE **ptr, si
+ }
+
+ DoScan(ptr, size, offset);
+-
++
+ return STRATEGY::GetLength();
+
+ }
+@@ -827,7 +837,7 @@ size_t JlsCodec<TRAITS,STRATEGY>::DecodeScan(void* rawData, const JlsRect& rect,
+ _rect = rect;
+
+ DoScan(ptr, size, offset + readBytes);
+-
++
+ return STRATEGY::GetCurBytePos() - (*ptr + offset);
+ }
+
=====================================
debian/patches/remove_version.patch
=====================================
@@ -1,19 +1,22 @@
Description: Remove version
Author: Mathieu Malaterre <malat at debian.org>
Forwarded: not-needed
-Last-Update: 2023-11-06
+Bug-Debian: https://bugs.debian.org/1098944
+Last-Update: 2025-03-21
Index: dcmtk/CMake/GenerateDCMTKConfigure.cmake
===================================================================
--- dcmtk.orig/CMake/GenerateDCMTKConfigure.cmake
+++ dcmtk/CMake/GenerateDCMTKConfigure.cmake
-@@ -195,7 +195,7 @@ else()
+@@ -195,8 +195,8 @@ else()
# Modify the installation paths for configuration files, data files and documents
# by adding a subdirectory with the DCMTK name and version number
- set(CMAKE_INSTALL_SYSCONFDIR "${CMAKE_INSTALL_SYSCONFDIR}/dcmtk-${DCMTK_COMPLETE_PACKAGE_VERSION}")
+- set(CMAKE_INSTALL_DATADIR "${CMAKE_INSTALL_DATADIR}/dcmtk-${DCMTK_COMPLETE_PACKAGE_VERSION}")
+ set(CMAKE_INSTALL_SYSCONFDIR "${CMAKE_INSTALL_SYSCONFDIR}/dcmtk")
- set(CMAKE_INSTALL_DATADIR "${CMAKE_INSTALL_DATADIR}/dcmtk-${DCMTK_COMPLETE_PACKAGE_VERSION}")
++ set(CMAKE_INSTALL_DATADIR "${CMAKE_INSTALL_DATADIR}/dcmtk")
set(CMAKE_INSTALL_DOCDIR "${CMAKE_INSTALL_DOCDIR}-${DCMTK_COMPLETE_PACKAGE_VERSION}")
+ # These variables are defined as macros in osconfig.h and must end with a path separator
=====================================
debian/patches/series
=====================================
@@ -7,3 +7,4 @@ remove_version.patch
0009-CVE-2025-25475.patch
0010-CVE-2025-25474.patch
0011-CVE-2025-25472.patch
+0012-CVE-2025-2357.patch
=====================================
debian/tests/run-unit-test
=====================================
@@ -13,7 +13,7 @@ if [ "${AUTOPKGTEST_TMP}" = "" ] ; then
fi
cp -a /usr/lib/python3/dist-packages/pydicom/data/test_files/CT_small.dcm "${AUTOPKGTEST_TMP}"
-cp -a /usr/share/dcmtk-3.6.9/dicom.dic "${AUTOPKGTEST_TMP}"
+cp -a /usr/share/dcmtk/dicom.dic "${AUTOPKGTEST_TMP}"
export DCMDICTPATH=${AUTOPKGTEST_TMP}/dicom.dic
View it on GitLab: https://salsa.debian.org/med-team/dcmtk/-/compare/f2d9ee36571912c0d7de2d335b1d79c47aaf548b...bb07d8ba399af6ad23c7ad3cc3c8d9cc07570b03
--
View it on GitLab: https://salsa.debian.org/med-team/dcmtk/-/compare/f2d9ee36571912c0d7de2d335b1d79c47aaf548b...bb07d8ba399af6ad23c7ad3cc3c8d9cc07570b03
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-med-commit/attachments/20250321/65a64f16/attachment-0001.htm>
More information about the debian-med-commit
mailing list