Описание
Security update for dcmtk
This update for dcmtk fixes the following issues:
- Fixed incorrect type conversion in the DVPSSoftcopyVOI_PList:createFromImage functionality of OFFIS DCMTK (boo#1223324, CVE-2024-28130)
-
Add missing requirements for dcmtk-devel (boo#1220809)
-
Update to 3.6.8 See DOCS/CHANGES.368 for the full list of changes
Список пакетов
SUSE Package Hub 15 SP5
dcmtk-3.6.8-bp155.3.3.1
dcmtk-devel-3.6.8-bp155.3.3.1
libdcmtk18-3.6.8-bp155.3.3.1
openSUSE Leap 15.5
dcmtk-3.6.8-bp155.3.3.1
dcmtk-devel-3.6.8-bp155.3.3.1
libdcmtk18-3.6.8-bp155.3.3.1
Ссылки
- E-Mail link for openSUSE-SU-2024:0113-1
- SUSE Security Ratings
- SUSE Bug 1220809
- SUSE Bug 1223324
- SUSE CVE CVE-2024-28130 page
Описание
An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality of OFFIS DCMTK 3.6.8. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Затронутые продукты
SUSE Package Hub 15 SP5:dcmtk-3.6.8-bp155.3.3.1
SUSE Package Hub 15 SP5:dcmtk-devel-3.6.8-bp155.3.3.1
SUSE Package Hub 15 SP5:libdcmtk18-3.6.8-bp155.3.3.1
openSUSE Leap 15.5:dcmtk-3.6.8-bp155.3.3.1
Ссылки
- CVE-2024-28130
- SUSE Bug 1223324