[Debian-med-packaging] Bug#1093047: dcmtk: leftover CVE status.
Étienne Mollier
emollier at debian.org
Thu Jan 30 19:51:17 GMT 2025
Good evening,
I have pushed some changes in Salsa, in the debian/bookworm
branch[1]. Patches are applied for CVE-2024-47796 and
CVE-2024-52333, fixing the present issues.
Salvatore Bonaccorso, on 2025-01-27:
> On Mon, Jan 27, 2025 at 07:57:59PM +0100, Étienne Mollier wrote:
> > Salvatore Bonaccorso, on 2025-01-26:
> > > For bookworm: Can you fix those and ideally as well the other no-dsa
> > > CVEs in the upcoming point release?
[…]
The below CVE looks also good and the correction is pushed on
Salsa; it only required a minor change due to missing a macro
that has been defined at a later point in time:
> > * CVE-2024-27628
I begun to have a look at that CVE but it seems to be somewhat
involved on first sight, but I haven't attempted to apply the
changes yet to see how things go actually:
> > * CVE-2024-28130
I haven't taken the time to investigate the below issues yet:
> > * CVE-2024-34508
> > * CVE-2024-34509
I'll probably stop for today and will continue during the
weekend.
[1]: https://salsa.debian.org/med-team/dcmtk/-/tree/debian/bookworm?ref_type=heads
Have a nice day, :)
--
.''`. Étienne Mollier <emollier at debian.org>
: :' : pgp: 8f91 b227 c7d6 f2b1 948c 8236 793c f67e 8f0d 11da
`. `' sent from /dev/pts/1, please excuse my verbosity
`- on air: Symphony X - Paradise Lost
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20250130/5648a86e/attachment-0003.sig>
More information about the Debian-med-packaging
mailing list