[Debian-med-packaging] Bug#1027165: dcmtk: CVE-2022-43272
Moritz Mühlenhoff
jmm at inutil.org
Wed Dec 28 18:54:16 GMT 2022
Source: dcmtk
X-Debbugs-CC: team at security.debian.org
Severity: normal
Tags: security
Hi,
The following vulnerability was published for dcmtk.
CVE-2022-43272[0]:
| DCMTK v3.6.7 was discovered to contain a memory leak via the
| T_ASC_Association object.
https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7
Fixed by: https://github.com/DCMTK/dcmtk/commit/c34f4e46e672ad21accf04da0dc085e43be6f5e1
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-43272
https://www.cve.org/CVERecord?id=CVE-2022-43272
Please adjust the affected versions in the BTS as needed.
More information about the Debian-med-packaging
mailing list