Your message dated Sat, 31 Dec 2016 21:02:08 +0000
with message-id <[email protected]>
and subject line Bug#848830: fixed in dcmtk 3.6.0-15+deb8u1
has caused the Debian Bug report #848830,
regarding dcmtk: remote stack buffer overflow CVE-2015-8979
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
848830: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848830
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dcmtk
Severity: grave
Version: 3.6.0-15
Tags: security
Hi,
the following vulnerability was published for dcmtk.
CVE-2015-8979[0]:
remote stack buffer overflow
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-8979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8979
Please adjust the affected versions in the BTS as needed.
--- End Message ---
--- Begin Message ---
Source: dcmtk
Source-Version: 3.6.0-15+deb8u1
We believe that the bug you reported is fixed in the latest version of
dcmtk, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gert Wollny <[email protected]> (supplier of updated dcmtk package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 23 Dec 2016 12:28:03 +0100
Source: dcmtk
Binary: dcmtk libdcmtk2 libdcmtk2-dev dcmtk-www dcmtk-doc libdcmtk2-dbg
Architecture: source all amd64
Version: 3.6.0-15+deb8u1
Distribution: stable
Urgency: medium
Maintainer: Debian Med Packaging Team
<[email protected]>
Changed-By: Gert Wollny <[email protected]>
Description:
dcmtk - OFFIS DICOM toolkit command line utilities
dcmtk-doc - OFFIS DICOM toolkit documentation
dcmtk-www - OFFIS DICOM toolkit worklist www server application
libdcmtk2 - OFFIS DICOM toolkit runtime libraries
libdcmtk2-dbg - OFFIS DICOM toolkit library debugging symbols
libdcmtk2-dev - OFFIS DICOM toolkit development libraries and headers
Closes: 848830
Changes:
dcmtk (3.6.0-15+deb8u1) jessie-security; urgency=medium
.
* Team upload
* d/p/0001: Add patch to fix CVE-2015-8979, Closes: #848830
The patch was taken from v 3.6.0-6+deb7u1 where the same
security vunerability was fixed by the wheezy LST team.
Checksums-Sha1:
607ccc7ff1df5e1ff62c89174c13740a1369378b 2108 dcmtk_3.6.0-15+deb8u1.dsc
9c34d047ace8a577011c37febf86940ed7d8cc0e 59900
dcmtk_3.6.0-15+deb8u1.debian.tar.xz
af2bfbd2efcf9f6c25ff409c1dc94f3e019f0bcb 5361556
dcmtk-doc_3.6.0-15+deb8u1_all.deb
adca8d855cb1bb2aed51a0c7868087d362fb71c8 942122 dcmtk_3.6.0-15+deb8u1_amd64.deb
62a7e1e599d7770c4e714f611520e82d9cea1361 2733536
libdcmtk2_3.6.0-15+deb8u1_amd64.deb
e383fa5d34dbf1c7a42caebca33276b52218ee74 3291496
libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb
14b49b712cfa3564ce1b624982d962890316e69c 135616
dcmtk-www_3.6.0-15+deb8u1_amd64.deb
06fbe22f5354c7caba2e4df850d6e978d2e6ebbe 20935170
libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb
Checksums-Sha256:
b7d995b5623bbd3437f3894f9ae46bcb66747e31404c883e46ca288c9a8fe07d 2108
dcmtk_3.6.0-15+deb8u1.dsc
a40ecd9615d228dba886d70866891f8970329a4fa003417b76dc7c6e1c5362e0 59900
dcmtk_3.6.0-15+deb8u1.debian.tar.xz
6816336f9a37f2a017302215ff0bfad186f518728a5695fd3300314442a52ddd 5361556
dcmtk-doc_3.6.0-15+deb8u1_all.deb
7cb453f36e504fc9affe2096013e752444ef4291c01c444c414ac7de110bbf0b 942122
dcmtk_3.6.0-15+deb8u1_amd64.deb
f9c3bd0fe358ec008283336ec4df1b9de28b405a6c7e5f62ab9e89fb5836f8d1 2733536
libdcmtk2_3.6.0-15+deb8u1_amd64.deb
88d594f6f953c6539dc2d4c88e38b96b92be23e2fa47b610aeb249cfaf669dc0 3291496
libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb
489a77b5734c603dc080aaba240d03bbb747ada7223305d588544a71704924c0 135616
dcmtk-www_3.6.0-15+deb8u1_amd64.deb
31b014fe2d0a6fafdefc660bbec2275d31a7c62bfa2a79910d56fa21361def95 20935170
libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb
Files:
9749be41697bbfdd37ece6df32c7b463 2108 science optional
dcmtk_3.6.0-15+deb8u1.dsc
f753e3fe0e98629396247f9e47663463 59900 science optional
dcmtk_3.6.0-15+deb8u1.debian.tar.xz
335ddc8d909b69e832747c9d51f098a4 5361556 doc optional
dcmtk-doc_3.6.0-15+deb8u1_all.deb
82c6548ce9814777c1bf121702443a3b 942122 science optional
dcmtk_3.6.0-15+deb8u1_amd64.deb
fb14a9c643055eaf2d272491e3e144d3 2733536 libs optional
libdcmtk2_3.6.0-15+deb8u1_amd64.deb
b5543470890d6b01a6204c7b62525085 3291496 libdevel optional
libdcmtk2-dev_3.6.0-15+deb8u1_amd64.deb
3fb669c87ce6f472c047440deb9dac3e 135616 web optional
dcmtk-www_3.6.0-15+deb8u1_amd64.deb
21737e8b17887e5fe5aba8f7f2d78c01 20935170 debug extra
libdcmtk2-dbg_3.6.0-15+deb8u1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh3EL6Jg/PVnWQFAlhjfzwACgkQEL6Jg/PV
nWTglQgAw6p0IUgzjyhrt3Q/oMUoEWWP8xr+XmZaF9qrJWUETbnmqUu+Mf/G3SR6
M3Q751kTSU1AV/J4LSC0SaE+rEqHV18pEGXfBQUYqcRJc+fPxAdJ/mCXfMInNPFP
kEf0+MCpuOX2Oo/H8pXIEdm07NJzMaMhAfshcDQMeAa523gaj7GCz5FL3ufLQSpx
jXz6WIBOfoPc1RmyzZKL7RL+P6Fyz6zKIDtSdm7HMnK0zPjTJwiGxGRb7+ccNork
/fF2cyRUXzXrCogoUbI+lsolgLSZ0Hg1btlpz6N+y0PX4hc4rkjAuUCwZBuxrPlz
W+ZCD+73xLz5/AkLk6ga7/IqdePPRA==
=ofWc
-----END PGP SIGNATURE-----
--- End Message ---
