Good day,
Salvatore Bonaccorso, on 2025-02-12:
> Thanks a lot for your work, and for providing this status update. Then
> I suggest that we do not not ignore the remaining CVEs and you can
> address this equally trough the point release.
Sounds good, I opened #1095072 to discuss the integration.
Hi Salvatore,
Salvatore Bonaccorso, on 2025-02-09:
> Regarding CVE-2024-28130, should we ignore it for fixing in bookworm
> if it is too risky for regressions?
With the first batch of CVEs addressed in proposed-updates, I
could take a fresher look at the patch set. I thought I would
hit a brick
Hi Étienne
On Sun, Feb 02, 2025 at 11:46:44AM +0100, Étienne Mollier wrote:
> Good day,
>
> Étienne Mollier, on 2025-02-01:
> > I believe these changes in dcmtk are good enough to contact the
> > stable release manager for an upload in the upcoming point
> > release and will proceed.
>
> And don
Good day,
Étienne Mollier, on 2025-02-01:
> I believe these changes in dcmtk are good enough to contact the
> stable release manager for an upload in the upcoming point
> release and will proceed.
And done, this is #1094991.
Have a nice day, :)
--
.''`. Étienne Mollier
: :' : pgp: 8f91 b
Hello,
I tried to have a closer look at CVE-2024-28130 in dcmtk in
bookworm and noted there were ports of fixes to Debian bullseye
LTS earlier that year. Either by picking upstream commits or by
fetching LTS patches, changes were sufficiently involved that I
didn't feel confident to make the nece
Good evening,
I have pushed some changes in Salsa, in the debian/bookworm
branch[1]. Patches are applied for CVE-2024-47796 and
CVE-2024-52333, fixing the present issues.
Salvatore Bonaccorso, on 2025-01-27:
> On Mon, Jan 27, 2025 at 07:57:59PM +0100, Étienne Mollier wrote:
> > Salvatore Bonacco
6 matches
Mail list logo
