Overview

File _patchinfo of Package patchinfo.19296

<patchinfo incident="19296">
  <issue tracker="cve" id="2025-14607"/>
  <issue tracker="cve" id="2025-14841"/>
  <issue tracker="bnc" id="1254123">dcmtk-devel references non existent libtiff file</issue>
  <issue tracker="bnc" id="1255464">VUL-0: CVE-2025-14607: dcmtk: manipulation to component dcmdata could lead to memory corruption</issue>
  <issue tracker="bnc" id="1255292">VUL-0: CVE-2025-14841: dcmtk: invalid messages may trigger a segmentation fault due to a NULL pointer dereference</issue>
  <packager>krop</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for dcmtk</summary>
  <description>This update for dcmtk fixes the following issues:

- Update to 3.7.0. See docs/CHANGES.370 for the full list of changes
  * CVE-2025-14841: invalid messages may trigger a segmentation fault due to a NULL pointer dereference (boo#1255292).
  * CVE-2025-14607: manipulation to component dcmdata could lead to memory corruption (boo#1255464).
- Avoid unnecessary dependencies (boo#1254123):
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places