[med-svn] [Git][med-team/dcmtk][debian/trixie] 2 commits: CVE-2026-12805.patch: new: fix CVE-2026-12805.
Étienne Mollier (@emollier)
gitlab at salsa.debian.org
Wed Jun 24 18:09:59 BST 2026
Étienne Mollier pushed to branch debian/trixie at Debian Med / dcmtk
Commits:
adfd5a02 by Étienne Mollier at 2026-06-23T21:42:21+02:00
CVE-2026-12805.patch: new: fix CVE-2026-12805.
This patch fixes a risk of buffer overflow by ensuring negative error
codes in XMLNode::parseFile are properly handled, as well as NULL
values.
Closes: #1140562
- - - - -
a83229fb by Étienne Mollier at 2026-06-23T21:45:30+02:00
d/changelog: ready for trixie proposed upload.
- - - - -
3 changed files:
- debian/changelog
- + debian/patches/0019-CVE-2026-12805.patch
- debian/patches/series
Changes:
=====================================
debian/changelog
=====================================
@@ -1,3 +1,13 @@
+dcmtk (3.6.9-5+deb13u2) trixie; urgency=medium
+
+ * Team upload.
+ * CVE-2026-12805.patch: new: fix CVE-2026-12805.
+ This patch fixes a risk of buffer overflow by ensuring negative error
+ codes in XMLNode::parseFile are properly handled, as well a NULL
+ values. (Closes: #1140562)
+
+ -- Étienne Mollier <emollier at debian.org> Tue, 23 Jun 2026 21:44:21 +0200
+
dcmtk (3.6.9-5+deb13u1) trixie; urgency=medium
* Team upload
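Review bot: the changelog text has a grammatical slip, "as well a NULL values" should read "as well as NULL values"; the commit message carries the same wording. The clause also does not match the patch being added: 0019-CVE-2026-12805.patch changes only the length test in XMLNode::parseFile from `if (!l)` to `if (l <= 0)` (plus a copyright year), and nothing in it handles a NULL value, so either drop the NULL clause or state what it refers to before the proposed upload.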
=====================================
debian/patches/0019-CVE-2026-12805.patch
=====================================
@@ -0,0 +1,34 @@
+commit 1d4b3815c0987840a983160bfc671fef63a3105b
+Author: Marco Eichelberg <eichelberg at offis.de>
+Date: Sat May 23 17:07:58 2026 +0200
+
+ Fixed buffer overflow in XMLNode::parseFile().
+
+ Fixed a heap buffer overflow that could occur in the XML parser
+ when reading from a named pipe.
+
+ Thanks to Cristhian Daniel Rivas Zúñiga and Sebastian Andres Muñoz Morera
+ (Insituto Tecnológico de Costa Rica) for the bug report and fix.
+
+ This closes DCMTK issue #1208.
+
+--- dcmtk.orig/ofstd/libsrc/ofxml.cc
++++ dcmtk/ofstd/libsrc/ofxml.cc
+@@ -1,6 +1,6 @@
+ /*
+ *
+- * Copyright (C) 2011-2023, OFFIS e.V.
++ * Copyright (C) 2011-2026, OFFIS e.V.
+ * All rights reserved. See COPYRIGHT file for details.
+ *
+ * This software and supporting documentation were slightly modified by
+@@ -1961,7 +1961,8 @@
+ if (f==NULL) { if (pResults) pResults->error=eXMLErrorFileNotFound; return emptyXMLNode; }
+ fseek(f,0,SEEK_END);
+ int l=OFstatic_cast(int, ftell(f)),headerSz=0;
+- if (!l) { if (pResults) pResults->error=eXMLErrorEmpty; fclose(f); return emptyXMLNode; }
++ // DCMTK: handle situation where ftell() returns -1
++ if (l <= 0) { if (pResults) pResults->error=eXMLErrorEmpty; fclose(f); return emptyXMLNode; }
+ fseek(f,0,SEEK_SET);
+ unsigned char *buf=OFreinterpret_cast(unsigned char*, malloc(l+4));
+ l=OFstatic_cast(int, fread(buf,1,l,f));
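Review bot: the `malloc(l+4)` on the hunk's last context line is still unchecked before `fread(buf,1,l,f)` writes into it; if the "NULL values" in the Debian description was meant to cover this, the check is not in the patch. Suggest adding directly after the malloc: `if (buf==NULL) { if (pResults) pResults->error=<an appropriate eXMLError value>; fclose(f); return emptyXMLNode; }`. Two smaller points on the `l <= 0` change: it relies on ftell() returning -1 after the ignored `fseek(f,0,SEEK_END)` failure, so testing fseek's return value directly would reject the pipe one line earlier and more explicitly; and reporting the failure as eXMLErrorEmpty conflates an unseekable stream with a genuinely empty file, which is acceptable for a minimal backport but deserves a comment so callers do not misdiagnose a pipe as an empty document.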
=====================================
debian/patches/series
=====================================
@@ -14,3 +14,4 @@ remove_version.patch
0016-CVE-2026-5663.patch
0017-CVE-2025-14841.patch
0018-CVE-2026-10194.patch
+0019-CVE-2026-12805.patch
View it on GitLab: https://salsa.debian.org/med-team/dcmtk/-/compare/0673f03c36c307079cb34b9d00a6366a7ff71814...a83229fb604786c30145c04a02ad1c2e19952d0e
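To make the failure mode concrete, here is an added C example, not DCMTK code and not part of this commit, that mirrors the fseek/ftell/malloc/fread sequence from XMLNode::parseFile against a named pipe and places a hardened reader beside it: the patch's `l <= 0` test plus a malloc() check and a short-read check. The xml_err enum, the probe_t struct, the function names and the fixtures (a FIFO under /tmp opened O_NONBLOCK so open() returns with no writer attached, and a four-byte file holding "<a/>") are assumptions constructed for the example; the dangerous malloc/fread pair is computed and reported, not executed.

```c
/* Added example, not DCMTK code: what XMLNode::parseFile's size probe
 * computes for a named pipe, and a hardened reader beside it. */
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700          /* mkdtemp(), mkfifo(), fdopen() */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical error codes standing in for DCMTK's eXMLError* values. */
enum xml_err { ERR_NONE = 0, ERR_EMPTY, ERR_NOMEM, ERR_SHORT_READ };

/* What the pre-fix probe would compute; malloc/fread are described, not run. */
typedef struct {
    int    l;                 /* (int) ftell(f); -1 on any pipe (ESPIPE) */
    int    old_check_rejects; /* original `if (!l)`: only catches 0 */
    int    new_check_rejects; /* patched `if (l <= 0)`: also catches -1 */
    size_t malloc_bytes;      /* malloc(l+4): 3 bytes when l == -1 */
    size_t fread_bytes;       /* fread(buf,1,l,f): SIZE_MAX when l == -1 */
} probe_t;

probe_t probe_like_parsefile(FILE *f)
{
    probe_t p;
    fseek(f, 0, SEEK_END);               /* return value ignored, as in ofxml.cc */
    p.l = (int) ftell(f);
    p.old_check_rejects = (p.l == 0);
    p.new_check_rejects = (p.l <= 0);
    p.malloc_bytes = (size_t)(p.l + 4);
    p.fread_bytes  = (size_t) p.l;       /* 3-byte heap block vs SIZE_MAX read */
    return p;
}

/* Hardened reader: the patch's `l <= 0` test, plus a malloc() check and a
 * short-read check so the buffer is never assumed to hold the probed size.
 * Returns a NUL-terminated buffer the caller frees, or NULL with *err set. */
unsigned char *read_stream_checked(FILE *f, size_t *len_out, enum xml_err *err)
{
    fseek(f, 0, SEEK_END);
    long l = ftell(f);
    if (l <= 0) { *err = ERR_EMPTY; return NULL; }    /* -1 from a pipe lands here */
    fseek(f, 0, SEEK_SET);
    unsigned char *buf = malloc((size_t) l + 4);
    if (buf == NULL) { *err = ERR_NOMEM; return NULL; }
    size_t n = fread(buf, 1, (size_t) l, f);
    if (n != (size_t) l) { free(buf); *err = ERR_SHORT_READ; return NULL; }
    buf[n] = '\0';                                    /* inside the +4 slack */
    *len_out = n;
    *err = ERR_NONE;
    return buf;
}

/* Constructed fixtures under /tmp: a FIFO opened O_NONBLOCK (open() returns
 * with no writer attached) and a regular file holding the 4-byte "<a/>". */
static char g_dir[] = "/tmp/parsefile-XXXXXX";
static char g_fifo[64], g_file[64];

int setup_fixtures(void)
{
    if (mkdtemp(g_dir) == NULL) return -1;
    snprintf(g_fifo, sizeof g_fifo, "%s/in.fifo", g_dir);
    snprintf(g_file, sizeof g_file, "%s/in.xml", g_dir);
    if (mkfifo(g_fifo, 0600) != 0) return -1;
    FILE *w = fopen(g_file, "wb");
    if (w == NULL || fputs("<a/>", w) == EOF || fclose(w) != 0) return -1;
    return 0;
}

FILE *open_fifo_fixture(void)
{
    int fd = open(g_fifo, O_RDONLY | O_NONBLOCK);
    return fd < 0 ? NULL : fdopen(fd, "r");
}

FILE *open_file_fixture(void) { return fopen(g_file, "rb"); }

void cleanup_fixtures(void) { unlink(g_fifo); unlink(g_file); rmdir(g_dir); }

int main(void)
{
    if (setup_fixtures() != 0) { perror("setup_fixtures"); return 1; }
    FILE *ff = open_fifo_fixture(), *rf = open_file_fixture();
    if (ff == NULL || rf == NULL) { perror("open"); cleanup_fixtures(); return 1; }
    probe_t p = probe_like_parsefile(ff), q = probe_like_parsefile(rf);
    printf("fifo: l=%d old_rejects=%d new_rejects=%d malloc=%zu fread=%zu\n",
           p.l, p.old_check_rejects, p.new_check_rejects, p.malloc_bytes, p.fread_bytes);
    printf("file: l=%d old_rejects=%d new_rejects=%d malloc=%zu fread=%zu\n",
           q.l, q.old_check_rejects, q.new_check_rejects, q.malloc_bytes, q.fread_bytes);
    size_t n = 0; enum xml_err e;
    unsigned char *buf = read_stream_checked(ff, &n, &e);
    printf("fifo via hardened reader: %s (err=%d)\n", buf ? "read" : "rejected", (int) e);
    buf = read_stream_checked(rf, &n, &e);
    printf("file via hardened reader: %zu bytes\n", n);
    free(buf); fclose(ff); fclose(rf); cleanup_fixtures();
    return 0;
}
```

On the FIFO the probe reports l == -1: the original `if (!l)` lets it through, malloc gets 3 bytes and fread would be asked for SIZE_MAX bytes, which is the heap overflow; the patched `l <= 0` test rejects it. The regular file probes as 4 bytes and reads cleanly through the hardened path.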