Your message dated Wed, 04 Jan 2023 10:49:33 +0000
with message-id <[email protected]>
and subject line Bug#1027165: fixed in dcmtk 3.6.7-8
has caused the Debian Bug report #1027165,
regarding dcmtk: CVE-2022-43272
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1027165: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027165
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: dcmtk
X-Debbugs-CC: [email protected]
Severity: normal
Tags: security
Hi,
The following vulnerability was published for dcmtk.
CVE-2022-43272[0]:
| DCMTK v3.6.7 was discovered to contain a memory leak via the
| T_ASC_Association object.
https://github.com/songxpu/bug_report/tree/master/DCMTK/memory_leak_in_3.6.7
Fixed by:
https://github.com/DCMTK/dcmtk/commit/c34f4e46e672ad21accf04da0dc085e43be6f5e1
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-43272
https://www.cve.org/CVERecord?id=CVE-2022-43272
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: dcmtk
Source-Version: 3.6.7-8
Done: Mathieu Malaterre <[email protected]>
We believe that the bug you reported is fixed in the latest version of
dcmtk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathieu Malaterre <[email protected]> (supplier of updated dcmtk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 04 Jan 2023 11:15:13 +0100
Source: dcmtk
Architecture: source
Version: 3.6.7-8
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Mathieu Malaterre <[email protected]>
Closes: 1027165
Changes:
dcmtk (3.6.7-8) unstable; urgency=medium
.
* d/patches: Fix CVE-2022-43272. Closes: #1027165
* d/control: Bump Std-Vers to 4.6.2 no changes needed
Checksums-Sha1:
93c92382f07ebbbfd6ba565074d90fab6521aeb9 2317 dcmtk_3.6.7-8.dsc
54978fa757c4a6bb007f8f4569c0f6d7518ccfe4 40772 dcmtk_3.6.7-8.debian.tar.xz
6983f4b569f13985eedd6f7e75c91ce900bcbfb7 8076 dcmtk_3.6.7-8_source.buildinfo
Checksums-Sha256:
75bda3cf2eab3f97aaab652bd0e3d584f92c8868b8d2951426f5942dbdfc835f 2317
dcmtk_3.6.7-8.dsc
f7c8ebae7050cf99391688cf321f64a1d3794c9da36eeae687e2b988cd341447 40772
dcmtk_3.6.7-8.debian.tar.xz
dff54d9794b8f6986c6cda76f6728efb20495d65ccbfab2efe8ac00a49644ff2 8076
dcmtk_3.6.7-8_source.buildinfo
Files:
03aac62532014e819e6a8df0a519a995 2317 science optional dcmtk_3.6.7-8.dsc
bcd22e8074fe1ef11add7543cdbff067 40772 science optional
dcmtk_3.6.7-8.debian.tar.xz
d67718f47a17ab603939d0733c580bf4 8076 science optional
dcmtk_3.6.7-8_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEaTNn/67NjqrNHwY7AXHhgorgk0UFAmO1Ug8RHG1hbGF0QGRl
Ymlhbi5vcmcACgkQAXHhgorgk0Uirw/+OkJ1WnGyHhJhA2r5jKJaMwzrX+JoDy8X
oWAdbnBoe6xINicoFSoi7VuTfljHloq/V8Gj8bsgMXlIl/atO10pEY3atH5ICLTH
1WAZ80bRy+67aE7UXv27uJveQLdiZthDLl7UVE6/1wE1xYbvEQD7DZZ1sh0FwEyD
Gr/lNUET+2mKBFm6JmZYLS5+FizH1hNiD/EjuOvmHUj3k7Y5+Y6FZp+9x96Zm198
BIijuqY04GLZuEgtuglzCmzo4pRbJP5gOMGe4buETS0mtjzwH9Pljl3mYwCeH3mt
wA+IqKIsUKElGCxWhmiN2PXQqhl+e/MZ3KJqIlqfdPAF1pL//mOaJLNDKdpwDTD+
rwyQXeB6vWeTTpFtulwEyf+LsDXvnht3tI2YlQTSQ4PnzRxB0oSWxGklgeK1XcE8
OwL75J+VRXnJWxJOhDqNYWJtkmXgSx8VfmTJBV9o5Bjkw+ikHxr5wTyugWUWeMUe
dHHoqRPquxhJuBXDPLoi1y+8NUg5ETbaCcNy1DTCSCgnPqjju/wMFYvbBCWEWleM
kQxnnPgTl/469iCjlxyiOKWrUUciAABm1sUhaUCvxiub7aJSrbIb9IsZ+ubWG79y
Vn/RE9B9QJYN3nV+Mig+yW+4oQinGlc+sqd5PNhStZlthmkGpfjwek5pglJy+NOY
M6aYE717OmE=
=kzZa
-----END PGP SIGNATURE-----
--- End Message ---
