Your message dated Sun, 28 Jul 2024 21:24:33 +0000
with message-id <[email protected]>
and subject line Bug#1077369: fixed in xmedcon 0.24.0-gtk3+dfsg-1
has caused the Debian Bug report #1077369,
regarding xmedcon: CVE-2024-29421
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1077369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077369
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: xmedcon
Version: 0.23.0-gtk3+dfsg-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for xmedcon.
CVE-2024-29421[0]:
| xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer
| Overflow via libs/dicom/basic.c which allows an attacker to execute
| arbitrary code.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-29421
https://www.cve.org/CVERecord?id=CVE-2024-29421
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: xmedcon
Source-Version: 0.24.0-gtk3+dfsg-1
Done: Étienne Mollier <[email protected]>
We believe that the bug you reported is fixed in the latest version of
xmedcon, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Étienne Mollier <[email protected]> (supplier of updated xmedcon package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 28 Jul 2024 22:42:03 +0200
Source: xmedcon
Architecture: source
Version: 0.24.0-gtk3+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Étienne Mollier <[email protected]>
Closes: 1077369
Changes:
xmedcon (0.24.0-gtk3+dfsg-1) unstable; urgency=medium
.
* Team upload.
* New upstream version 0.24.0-gtk3+dfsg.
Fixes: CVE-2024-29421 (Closes: #1077369)
* d/control: declare compliance to standards version 4.7.0.
* d/copyright: bump upstream copyright year.
* d/s/lintian-overrides: flag false positive caused by t64 transition.
* d/xmedcon.desktop: remove unknown keyword "Medicine".
* d/*.lintian-overrides: update override regarding t64 transition.
* d/*.install: move desktop entry to xmedcon package.
Checksums-Sha1:
4905565b70b8585e5d0211e2ad38da2496710f1a 2448 xmedcon_0.24.0-gtk3+dfsg-1.dsc
08dc1d07ae614b7343585dedd1a99a88930b3209 443160
xmedcon_0.24.0-gtk3+dfsg.orig.tar.xz
451f085507ba6b2de4a134617fd29dee92c4fd81 13328
xmedcon_0.24.0-gtk3+dfsg-1.debian.tar.xz
Checksums-Sha256:
8e080157ae7f5f001330ee912fc0b55a2b674bf375ed85e15569d62d012eb782 2448
xmedcon_0.24.0-gtk3+dfsg-1.dsc
0d7c2b2be4f0fec5553afdd88fd407101f03a42ff3089fe02f25c870f512ad54 443160
xmedcon_0.24.0-gtk3+dfsg.orig.tar.xz
4c2226476bd55d913696be77f2ba7d74a5b7a0deb35fd63a06c39ad37645e52a 13328
xmedcon_0.24.0-gtk3+dfsg-1.debian.tar.xz
Files:
42fac9b38e69ef1fe9cfc297942aae4a 2448 graphics optional
xmedcon_0.24.0-gtk3+dfsg-1.dsc
aa5c058b0d2cd60fe2b75352ab7c19ff 443160 graphics optional
xmedcon_0.24.0-gtk3+dfsg.orig.tar.xz
e4316612549b63df900a77f4ccc0ba8a 13328 graphics optional
xmedcon_0.24.0-gtk3+dfsg-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAmamrlEUHGVtb2xsaWVy
QGRlYmlhbi5vcmcACgkQeTz2fo8NEdoG0g/8D/D1tJcSY4fo38fkTN4jyCKmG7rz
iOqUn+muRP19gEHO+axJ/d6o95HRJ4vNdQiAcpOOLfTxk6PFh7aZF1tnxMMpNCeL
JH7J5DWgIha1rSzsnscFbtf1wVYk3+NUvMhepG10162HuYD6VnvPCePm8GWXVddR
Zsg7nT4hLs9HdS2DtEJEnuA8rrowgUS9h4XGEqPzcL4mVZIMpCa3v5RhgXYJ5ocS
zC2PUILnpb4LZkmpRU8IilG26qQqc1o4SYRzTELTIKKaAc6md3UF86l2YCal4hCK
LbmGo34QHJ9fM3Q8UJlQULLMxF41TADjr+qzr2Ok1Ca+KxdIeiXf1a3jNcGseH+G
k7AOTanaN3jwBYwdw+ost1qHfVmp8qO5F/gAdppcr4HkhoULe3e2esHkfoyaqG5Z
tBD2nT+WKjYzuDgoU74Kz+pyuad0Kq7JwrdWQjbof1bhEtmY14jEGQa6dGEd8XAv
DzlTq1ctdeNFiPlzYUUj4+s07MzVe+rSkkU4IbFvkTXCSamb6YJVFLGARfiPbomX
TPKCIHBDoy6TXOIMrC/TTaaRrCU8w17nTCZLCR11CrzIRMSmbaeF2X6e62zHZlb3
LGYymOBGxC8K6DUi5dAkn9QS5hCHJljYwMtXCqvDseaNpo6u/pqvoy5JgscH/vN1
4zV8Byb8pImiTpE=
=OPxB
-----END PGP SIGNATURE-----
pgpHOQG3fRJ7c.pgp
Description: PGP signature
--- End Message ---