Re: CVEs in DCMTK

2022-06-29 Thread Nilesh Patra
On 6/29/22 3:27 PM, Mathieu Malaterre wrote: On Wed, Jun 29, 2022 at 11:51 AM Nilesh Patra wrote: On 6/29/22 12:18 PM, Mathieu Malaterre wrote: Hi there, It turns out there are three CVEs associated with DCMTK version older than 3.6.7. *

Re: CVEs in DCMTK

2022-06-29 Thread Andreas Tille
Hi Mathieu, Am Wed, Jun 29, 2022 at 08:48:12AM +0200 schrieb Mathieu Malaterre: > It turns out there are three CVEs associated with DCMTK version older > than 3.6.7. > > * > https://www.hipaajournal.com/warning-issued-about-3-high-severity-vulnerabilities-in-offis-dicom-software/ Thanks for

Re: CVEs in DCMTK

2022-06-29 Thread Nilesh Patra
On 6/29/22 12:18 PM, Mathieu Malaterre wrote: Hi there, It turns out there are three CVEs associated with DCMTK version older than 3.6.7. * https://www.hipaajournal.com/warning-issued-about-3-high-severity-vulnerabilities-in-offis-dicom-software/ Should we get in touch with debian-security

Re: CVEs in DCMTK

2022-06-29 Thread Mathieu Malaterre
On Wed, Jun 29, 2022 at 11:51 AM Nilesh Patra wrote: > > On 6/29/22 12:18 PM, Mathieu Malaterre wrote: > > Hi there, > > > > It turns out there are three CVEs associated with DCMTK version older > > than 3.6.7. > > > > * > >

CVEs in DCMTK

2022-06-29 Thread Mathieu Malaterre
Hi there, It turns out there are three CVEs associated with DCMTK version older than 3.6.7. * https://www.hipaajournal.com/warning-issued-about-3-high-severity-vulnerabilities-in-offis-dicom-software/ Should we get in touch with debian-security to have them properly reported ? I am not clear