Your message dated Sun, 11 Aug 2024 11:32:30 +0000
with message-id <[email protected]>
and subject line Bug#1077369: fixed in xmedcon 0.16.3+dfsg-1+deb11u1
has caused the Debian Bug report #1077369,
regarding xmedcon: CVE-2024-29421
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1077369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077369
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: xmedcon
Version: 0.23.0-gtk3+dfsg-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for xmedcon.

CVE-2024-29421[0]:
| xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer
| Overflow via libs/dicom/basic.c which allows an attacker to execute
| arbitrary code.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-29421
    https://www.cve.org/CVERecord?id=CVE-2024-29421

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: xmedcon
Source-Version: 0.16.3+dfsg-1+deb11u1
Done: Étienne Mollier <[email protected]>

We believe that the bug you reported is fixed in the latest version of
xmedcon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Étienne Mollier <[email protected]> (supplier of updated xmedcon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 07 Aug 2024 18:10:18 +0200
Source: xmedcon
Architecture: source
Version: 0.16.3+dfsg-1+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian Med Packaging Team 
<[email protected]>
Changed-By: Étienne Mollier <[email protected]>
Closes: 1077369
Changes:
 xmedcon (0.16.3+dfsg-1+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2024-29421.patch: new: fix CVE-2024-29421. (Closes: #1077369)
Checksums-Sha1:
 9344f11302f25725153a80050d261b791e623245 2386 xmedcon_0.16.3+dfsg-1+deb11u1.dsc
 a12c767c0421f5cb953b5e7882e146589caaa544 11596 
xmedcon_0.16.3+dfsg-1+deb11u1.debian.tar.xz
Checksums-Sha256:
 71683644466fcf188ec9b3a54084dee60969cde809d88288522ff3a0acbdf05e 2386 
xmedcon_0.16.3+dfsg-1+deb11u1.dsc
 8dfba9fc274dacde5e62553115c40092474748e1c294f4322af5ef43d633b8c5 11596 
xmedcon_0.16.3+dfsg-1+deb11u1.debian.tar.xz
Files:
 41a0b3f2772b9c1643abf2038e900fb8 2386 graphics optional 
xmedcon_0.16.3+dfsg-1+deb11u1.dsc
 25d32947aa37e3353514607b0fb4e680 11596 graphics optional 
xmedcon_0.16.3+dfsg-1+deb11u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAma4XWUUHGVtb2xsaWVy
QGRlYmlhbi5vcmcACgkQeTz2fo8NEdoeFRAAxJfNqOXzCoj+BPKuM3UZNFRmLBin
C/mPBsLLhUkmCtARKpdwG+ZTDZhuRrQjNQKlJBOWABBYJ4R9JE2NUwhr+j8oOW0R
evH6E7g8CsNA3LKiOEBY4sH8YlGLv6gLG3lAxzYpDdxovrcV/yB4oh3em6rV2rC8
Ou5TzWbSc17FMrIp8ERKLuCjlOZZ563+U6KkLJLDErQR7w/DH9TWO4bcwy+tmeH4
MyxwrqJ4IT9SJmrVdIRbbtorb9gnHyoQzW44yRg410oMiDHqm8MKWORtcYVa76ID
0ya26BJ74iwwaK+hg9X9kXRynUMrGEkmeXorYNlEZuu/pxEQ9AFWEbbw9eMNUrcz
SKn5qyOoyyYgAzqHtzcZXGNNmk2EU9Lz2C9VzOd+CNoB9fQPfeu3/PbCRF7mZYbO
603tp52b9SMYBJ3V9NCUrRdMwkaD//t/fjANOsKG2hUuQK8ePK7ZuQ1R0FgLMt7m
3MANlVL2G+mXaXn2Hys5xCSkRBUC4Z2kQzHn18mbGof1MLQmvFNSeHdGfOO82B+H
jDfclQCaaRI5E36b3sLzCtY0d2yuArjD492r0PN/IoH/nd3Aq2QtN9SzPnlW7lcg
+hsfOvo7jABWXTb5F8oDAjfacGokwOt7/xLooEyhu1ahHgHhZr5GMjfEKer3bNQB
AvbNkmYNM457qFU=
=5OYu
-----END PGP SIGNATURE-----

Attachment: pgpBianoa8VkQ.pgp
Description: PGP signature


--- End Message ---

Reply via email to