[Debian-med-packaging] Bug#1141411: Bug#1141411: dcmtk: CVE-2026-50003 CVE-2026-50254 CVE-2026-35505 CVE-2026-52868 CVE-2026-44628

Étienne Mollier emollier at debian.org
Tue Jul 7 22:20:29 BST 2026


Hi Salvatore,

Salvatore Bonaccorso, on 2026-07-07:
> Thanks for your judgment. I will mark those issues as no-dsa in the
> security-tracker for trixie, I would say LTS should at least mark them
> postponed then for now until upper suites are fixed and enough
> confident.

Acknowledged, it sounds good to me.

> Sorry for having filled one single bug covering multiple issues this
> time, but we have to batch them bit for making sure things are fixed
> in unstable. It would be nicer to have individual one so version
> trackiing can properly set up.

No worries, in this case the batch of CVEs did not interfere
with the triage, as far as I could witness.  Thanks for taking
the time to coordinate publication of security patches!

Have a nice day,  :)
-- 
  .''`.  Étienne Mollier <emollier at debian.org>
 : :' :  pgp: 8f91 b227 c7d6 f2b1 948c  8236 793c f67e 8f0d 11da
 `. `'   sent from /dev/pts/2, please excuse my verbosity
   `-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-med-packaging/attachments/20260707/2babf9cb/attachment.sig>


More information about the Debian-med-packaging mailing list