Security update for dcmtk
This update for dcmtk fixes the following issues:
- Update to 3.7.0. See docs/CHANGES.370 for the full list of changes
* CVE-2025-14841: invalid messages may trigger a segmentation fault due to a NULL pointer dereference (boo#1255292).
* CVE-2025-14607: manipulation to component dcmdata could lead to memory corruption (boo#1255464).
- Avoid unnecessary dependencies (boo#1254123):
-
Submitted by
Christophe Marin (krop)
Fixed bugs
bnc#1254123
dcmtk-devel references non existent libtiff file
bnc#1255464
VUL-0: CVE-2025-14607: dcmtk: manipulation to component dcmdata could lead to memory corruption
bnc#1255292
VUL-0: CVE-2025-14841: dcmtk: invalid messages may trigger a segmentation fault due to a NULL pointer dereference
