Your message dated Wed, 21 Aug 2024 21:47:11 +0000
with message-id <[email protected]>
and subject line Bug#1077369: fixed in xmedcon 0.23.0-gtk3+dfsg-1+deb12u1
has caused the Debian Bug report #1077369,
regarding xmedcon: CVE-2024-29421
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1077369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1077369
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: xmedcon
Version: 0.23.0-gtk3+dfsg-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for xmedcon.

CVE-2024-29421[0]:
| xmedcon 0.23.0 and fixed in v.0.24.0 is vulnerable to Buffer
| Overflow via libs/dicom/basic.c which allows an attacker to execute
| arbitrary code.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-29421
    https://www.cve.org/CVERecord?id=CVE-2024-29421

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: xmedcon
Source-Version: 0.23.0-gtk3+dfsg-1+deb12u1
Done: Étienne Mollier <[email protected]>

We believe that the bug you reported is fixed in the latest version of
xmedcon, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Étienne Mollier <[email protected]> (supplier of updated xmedcon package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 07 Aug 2024 17:51:22 +0200
Source: xmedcon
Architecture: source
Version: 0.23.0-gtk3+dfsg-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Debian Med Packaging Team 
<[email protected]>
Changed-By: Étienne Mollier <[email protected]>
Closes: 1077369
Changes:
 xmedcon (0.23.0-gtk3+dfsg-1+deb12u1) bookworm; urgency=medium
 .
   * Team upload.
   * CVE-2024-29421.patch: new: fix CVE-2024-29421. (Closes: #1077369)
Checksums-Sha1:
 402f2d2806d65d5355d45bb4c6ba19eb4c384083 2449 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.dsc
 1b69c1f32f30b91df97cf3a7058e40fbf15e2505 13576 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.debian.tar.xz
Checksums-Sha256:
 3de64f381b8df85fb90c5513ee287642c6e0f63429b7d68d3c251fc0865e80c6 2449 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.dsc
 0569221e4e56d22fbad44a7740f87950d35ae4ec3d2c1df11ec64642446042e7 13576 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.debian.tar.xz
Files:
 9c5f2445b44149c0f678768e2b78c6e9 2449 graphics optional 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.dsc
 d765bf678496635d3b5f024c6904c424 13576 graphics optional 
xmedcon_0.23.0-gtk3+dfsg-1+deb12u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAmbA2scUHGVtb2xsaWVy
QGRlYmlhbi5vcmcACgkQeTz2fo8NEdruBQ//SD9SfegeLP79dBJ+VY7PmLid6RYR
QKcWYbduZAicq4Ib+opc0fi0Sjxb0J6S1S5Xyq1lg8po0k60fa3dpjZu4qrpHatr
xejNlqJuTfvgSP8KfyVOTjxLJwr7use6OyfgKvEa3aOfCfRWiDeOcd4OosNTIWxd
1pV6v1OrEpLBL9aL/EeTHpwfwpl/t41qZDhjMvTI6tvPFF2WpaclgruTwryOUn1M
ReyjV7NYQApGzzIDuGwgPfDW92IaMpjVJkX/oF0p2g7impgOrkOuwZT3cHWpltw0
tZ/noYemmPUaDr3Q8lw+8ifzaxcD5Y+yp6WByHlFC4/3Uf31vDlr+Gu8WbDzeA0c
KQda2afIrZ9AqkIrN56knT9SN6zMAuBhTMc9XQav3TU2m3lxl+0jrFn4O2zaYa85
1RkPyEdUTykX6c4sXQgYqwnFEsLPipskQfB6BMDUDbXj0ANVpNKnR/x/DdiyAzd4
vonOpiKz0AT4I6nn/HDsEYxBiC1iY1I6hQvNp2coedagcn39Opsjjd2qlvm/sIbW
Rh9aJKBnw095figF4Pdx30e2vDA+yqY5KwRBOPM6HhbJjgE7Az8LMJuGzvK+Ga4m
pDOSt3GXrFTz5F2gGx3Wv5YucNHSpLgcTCOOa1X90QRtH/Wab2J1BuZcrYTcj4hU
MhajYIPicp/PHic=
=AddP
-----END PGP SIGNATURE-----

Attachment: pgpiueyYzsEMV.pgp
Description: PGP signature


--- End Message ---

Reply via email to