[Git][security-tracker-team/security-tracker][master] dcmtk spu

Moritz Muehlenhoff (@jmm) Thu, 27 Feb 2025 07:32:19 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3afedb3b by Moritz Mühlenhoff at 2025-02-27T16:31:43+01:00
dcmtk spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -4875,6 +4875,7 @@ CVE-2025-25475 (A NULL pointer dereference in the 
component /libsrc/dcrleccd.cc
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=bffa3e9116abb7038b432443f16b1bd390e80245
 CVE-2025-25474 (DCMTK v3.6.9+ DEV was discovered to contain a buffer overflow 
via the  ...)
        - dcmtk 3.6.9-4 (bug #1098374)
+       [bookworm] - dcmtk <no-dsa> (Will be fixed via spu)
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=1d205bcd307164c99e0d4bbf412110372658d847
 CVE-2025-25473 (FFmpeg git master before commit c08d30 was discovered to 
contain a NUL ...)
        - ffmpeg <unfixed>
@@ -4883,6 +4884,7 @@ CVE-2025-25473 (FFmpeg git master before commit c08d30 
was discovered to contain
        NOTE: Fixed by: 
https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c08d300481b8ebb846cd43a473988fdbc6793d1b
 CVE-2025-25472 (A buffer overflow in DCMTK git master v3.6.9+ DEV allows 
attackers to  ...)
        - dcmtk 3.6.9-4
+       [bookworm] - dcmtk <no-dsa> (Will be fixed via spu)
        NOTE: Introduced by fix for CVE-2024-47796: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=89a6e399f1e17d08a8bc8cdaa05b2ac9a50cd4f6
        NOTE: Fixed by: 
https://git.dcmtk.org/?p=dcmtk.git;a=commit;h=410ffe2019b9db6a8f4036daac742a6f5e4d36c2
 CVE-2025-25471 (FFmpeg git master before commit fd1772 was discovered to 
contain a NUL ...)


=====================================
data/next-point-update.txt
=====================================
@@ -170,3 +170,9 @@ CVE-2025-21490
        [bookworm] - mariadb 1:10.11.10-0+deb12u1
 CVE-2025-0167
        [bookworm] - curl 7.88.1-10+deb12u11
+CVE-2025-25475
+       [bookworm] - dcmtk 3.6.7-9~deb12u3
+CVE-2025-25474
+       [bookworm] - dcmtk 3.6.7-9~deb12u3
+CVE-2025-25472
+       [bookworm] - dcmtk 3.6.7-9~deb12u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3afedb3b8fa94d8b4b40e53241f5330c6adfcccd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3afedb3b8fa94d8b4b40e53241f5330c6adfcccd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] dcmtk spu

Reply via email to