Your message dated Sat, 31 Dec 2016 21:02:08 +0000 with message-id <e1cnqn2-0009jm...@fasolo.debian.org> and subject line Bug#848830: fixed in dcmtk 3.6.0-15+deb8u1 has caused the Debian Bug report #848830, regarding dcmtk: remote stack buffer overflow CVE-2015-8979 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 848830: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848830 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: dcmtk Severity: grave Version: 3.6.0-15 Tags: security Hi, the following vulnerability was published for dcmtk. CVE-2015-8979[0]: remote stack buffer overflow If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-8979 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8979 Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---Source: dcmtk Source-Version: 3.6.0-15+deb8u1 We believe that the bug you reported is fixed in the latest version of dcmtk, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 848...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Gert Wollny <gw.foss...@gmail.com> (supplier of updated dcmtk package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 23 Dec 2016 12:28:03 +0100 Source: dcmtk Binary: dcmtk libdcmtk2 libdcmtk2-dev dcmtk-www dcmtk-doc libdcmtk2-dbg Architecture: source all amd64 Version: 3.6.0-15+deb8u1 Distribution: stable Urgency: medium Maintainer: Debian Med Packaging Team <debian-med-packag...@lists.alioth.debian.org> Changed-By: Gert Wollny <gw.foss...@gmail.com> Description: dcmtk - OFFIS DICOM toolkit command line utilities dcmtk-doc - OFFIS DICOM toolkit documentation dcmtk-www - OFFIS DICOM toolkit worklist www server application libdcmtk2 - OFFIS DICOM toolkit runtime libraries libdcmtk2-dbg - OFFIS DICOM toolkit library debugging symbols libdcmtk2-dev - OFFIS DICOM toolkit development libraries and headers Closes: 848830 Changes: dcmtk (3.6.0-15+deb8u1) jessie-security; urgency=medium . * Team upload * d/p/0001: Add patch to fix CVE-2015-8979, Closes: #848830 The patch was taken from v 3.6.0-6+deb7u1 where the same security vunerability was fixed by the wheezy LST team. Checksums-Sha1: 607ccc7ff1df5e1ff62c89174c13740a1369378b 2108 dcmtk_3.6.0-15+deb8u1.dsc 9c34d047ace8a577011c37febf86940ed7d8cc0e 59900 dcmtk_3.6.0-15+deb8u1.debian.tar.xz af2bfbd2efcf9f6c25ff409c1dc94f3e019f0bcb 5361556 dcmtk-doc_3.6.0-15+deb8u1_all.deb adca8d855cb1bb2aed51a0c7868087d362fb71c8 942122 dcmtk_3.6.0-15+deb8u1_amd64.deb 62a7e1e599d7770c4e714f611520e82d9cea1361 2733536 libdcmtk2_3.6.0-15+deb8u1_amd64.deb e383fa5d34dbf1c7a42caebca33276b52218ee74 3291496 libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb 14b49b712cfa3564ce1b624982d962890316e69c 135616 dcmtk-www_3.6.0-15+deb8u1_amd64.deb 06fbe22f5354c7caba2e4df850d6e978d2e6ebbe 20935170 libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb Checksums-Sha256: b7d995b5623bbd3437f3894f9ae46bcb66747e31404c883e46ca288c9a8fe07d 2108 dcmtk_3.6.0-15+deb8u1.dsc a40ecd9615d228dba886d70866891f8970329a4fa003417b76dc7c6e1c5362e0 59900 dcmtk_3.6.0-15+deb8u1.debian.tar.xz 6816336f9a37f2a017302215ff0bfad186f518728a5695fd3300314442a52ddd 5361556 dcmtk-doc_3.6.0-15+deb8u1_all.deb 7cb453f36e504fc9affe2096013e752444ef4291c01c444c414ac7de110bbf0b 942122 dcmtk_3.6.0-15+deb8u1_amd64.deb f9c3bd0fe358ec008283336ec4df1b9de28b405a6c7e5f62ab9e89fb5836f8d1 2733536 libdcmtk2_3.6.0-15+deb8u1_amd64.deb 88d594f6f953c6539dc2d4c88e38b96b92be23e2fa47b610aeb249cfaf669dc0 3291496 libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb 489a77b5734c603dc080aaba240d03bbb747ada7223305d588544a71704924c0 135616 dcmtk-www_3.6.0-15+deb8u1_amd64.deb 31b014fe2d0a6fafdefc660bbec2275d31a7c62bfa2a79910d56fa21361def95 20935170 libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb Files: 9749be41697bbfdd37ece6df32c7b463 2108 science optional dcmtk_3.6.0-15+deb8u1.dsc f753e3fe0e98629396247f9e47663463 59900 science optional dcmtk_3.6.0-15+deb8u1.debian.tar.xz 335ddc8d909b69e832747c9d51f098a4 5361556 doc optional dcmtk-doc_3.6.0-15+deb8u1_all.deb 82c6548ce9814777c1bf121702443a3b 942122 science optional dcmtk_3.6.0-15+deb8u1_amd64.deb fb14a9c643055eaf2d272491e3e144d3 2733536 libs optional libdcmtk2_3.6.0-15+deb8u1_amd64.deb b5543470890d6b01a6204c7b62525085 3291496 libdevel optional libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb 3fb669c87ce6f472c047440deb9dac3e 135616 web optional dcmtk-www_3.6.0-15+deb8u1_amd64.deb 21737e8b17887e5fe5aba8f7f2d78c01 20935170 debug extra libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlhjfzwACgkQEL6Jg/PV nWTglQgAw6p0IUgzjyhrt3Q/oMUoEWWP8xr+XmZaF9qrJWUETbnmqUu+Mf/G3SR6 M3Q751kTSU1AV/J4LSC0SaE+rEqHV18pEGXfBQUYqcRJc+fPxAdJ/mCXfMInNPFP kEf0+MCpuOX2Oo/H8pXIEdm07NJzMaMhAfshcDQMeAa523gaj7GCz5FL3ufLQSpx jXz6WIBOfoPc1RmyzZKL7RL+P6Fyz6zKIDtSdm7HMnK0zPjTJwiGxGRb7+ccNork /fF2cyRUXzXrCogoUbI+lsolgLSZ0Hg1btlpz6N+y0PX4hc4rkjAuUCwZBuxrPlz W+ZCD+73xLz5/AkLk6ga7/IqdePPRA== =ofWc -----END PGP SIGNATURE-----
--- End Message ---
