[Debian-med-packaging] Bug#1123576: marked as pending in gdcm
Emmanuel Arias
noreply at salsa.debian.org
Fri Jun 19 14:04:44 BST 2026
Control: tag -1 pending
Hello,
Bug #1123576 in gdcm reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/med-team/gdcm/-/commit/5c0fdae82049734a2c1cf099a2d6d97732f48b5a
------------------------------------------------------------------------
Non-maintainer upload by the LTS Team.
* Non-maintainer upload by the LTS Team.
* CVE-2025-11266: Avoid out-of-bounds vulnerability. The issue
unsigned integer underflow in buffer indexing (Closes: #1122862).
* CVE-2025-52582: Add patch to prevent overlay extraction in case of
malformed overlay or image information (Closes: #1123576).
* CVE-2025-48429: Add patch to refactor the RLE header to ensure it
conforms to the DICOM standard (Closes: #1123589).
* CVE-2025-53618 and CVE-2025-53619: Add patch to add a frame size
check to ensure that the provided data corresponds to the buffer
size (Closes: #1123587).
* CVE-2026-3650: Add patch to reject Value Length exceeding stream
size (Closes: #1132042).
------------------------------------------------------------------------
(this message was generated automatically)
--
Greetings
https://bugs.debian.org/1123576
More information about the Debian-med-packaging
mailing list