[ubuntu/focal-security] dcmtk 3.6.4-2.1ubuntu0.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Tue Sep 17 07:29:50 UTC 2024
dcmtk (3.6.4-2.1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2021-41687.patch: fixed null pointer
dereferences discoverd in the code (CVE-2021-41687, CVE-2021-41688,
and CVE-2021-41690)
- debian/patches/CVE-2021-41689.patch: fixed a buffer overflow
in DU_getStringDOElement function.
- debian/patches/CVE-2022-2121.patch: fixed a null pointer dereference
- debian/patches/CVE-2022-43272.patch: fixed a memory leak in
DcmQueryRetrieveSCP::waitForAssociation function.
- debian/patches/CVE-2024-28130-1.patch: fixed unchecked typecasts of
DcmItem::search results.
- debian/patches/CVE-2024-28130-2.patch: fixed unchecked typecasts and
fixed LUT handling.
- debian/patches/CVE-2024-28130-3.patch: fixed wrong error handling
introduced with the previous patch.
- debian/patches/CVE-2024-34508,CVE-2024-34509.patch: fixed two
segmentation faults
- CVE-2021-41687
- CVE-2021-41688
- CVE-2021-41689
- CVE-2021-41690
- CVE-2022-2121
- CVE-2022-43272
- CVE-2024-28130
- CVE-2024-34508
- CVE-2024-34509
Date: 2024-09-03 08:28:09.066508+00:00
Changed-By: Shishir Subedi <shishirsub10 at gmail.com>
Signed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/dcmtk/3.6.4-2.1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list