Good evening, I have pushed some changes in Salsa, in the debian/bookworm branch[1]. Patches are applied for CVE-2024-47796 and CVE-2024-52333, fixing the present issues.
Salvatore Bonaccorso, on 2025-01-27: > On Mon, Jan 27, 2025 at 07:57:59PM +0100, Étienne Mollier wrote: > > Salvatore Bonaccorso, on 2025-01-26: > > > For bookworm: Can you fix those and ideally as well the other no-dsa > > > CVEs in the upcoming point release? […] The below CVE looks also good and the correction is pushed on Salsa; it only required a minor change due to missing a macro that has been defined at a later point in time: > > * CVE-2024-27628 I begun to have a look at that CVE but it seems to be somewhat involved on first sight, but I haven't attempted to apply the changes yet to see how things go actually: > > * CVE-2024-28130 I haven't taken the time to investigate the below issues yet: > > * CVE-2024-34508 > > * CVE-2024-34509 I'll probably stop for today and will continue during the weekend. [1]: https://salsa.debian.org/med-team/dcmtk/-/tree/debian/bookworm?ref_type=heads Have a nice day, :) -- .''`. Étienne Mollier <emoll...@debian.org> : :' : pgp: 8f91 b227 c7d6 f2b1 948c 8236 793c f67e 8f0d 11da `. `' sent from /dev/pts/1, please excuse my verbosity `- on air: Symphony X - Paradise Lost
signature.asc
Description: PGP signature
