Overview

File _patchinfo of Package patchinfo.17904

<patchinfo incident="17904">
  <issue tracker="bnc" id="1206070">VUL-0: CVE-2022-43272: dcmtk: memory leak via the T_ASC_Association object.</issue>
  <issue tracker="bnc" id="1208638">VUL-0: CVE-2022-2120: dcmtk: relative path traversal vulnerability</issue>
  <issue tracker="bnc" id="1208637">VUL-0: CVE-2022-2119: dcmtk: path traversal vulnerability</issue>
  <issue tracker="bnc" id="1208639">VUL-0: CVE-2022-2121: dcmtk: possible DoS via NULL pointer dereference</issue>
  <issue tracker="cve" id="2022-43272"/>
  <issue tracker="cve" id="2022-2120"/>
  <issue tracker="cve" id="2022-2121"/>
  <issue tracker="cve" id="2022-2119"/>
  <packager>krop</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for dcmtk</summary>
  <description>This update for dcmtk fixes the following issues:

- CVE-2022-43272: Fixed memory leak via the T_ASC_Association object (boo#1206070)

- Update to 3.6.7 (boo#1208639, boo#1208638, boo#1208637,
  CVE-2022-2121, CVE-2022-2120, CVE-2022-2119)
  - CVE-2022-2121: Fixed possible DoS via NULL pointer dereference
  - CVE-2022-2120: Fixed relative path traversal vulnerability
  - CVE-2022-2119: Fixed path traversal vulnerability

  See DOCS/CHANGES.367 for the full list of changes

  * Updated code definitions for DICOM 2022b
  * Fixed possible NULL pointer dereference
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places