Fedora 29 dcmtk FEDORA-2019-4349fc0afb Critical: Buffer Overflow Threat

DCMTK is a collection of libraries and applications implementing large

parts the DICOM standard. It includes software for examining,

constructing and converting DICOM image files, handling offline media,

sending and receiving images over a network connection, as well as

demonstrative image storage and worklist servers. DCMTK is is written

in a mixture of ANSI C and C++. It comes in complete source code and

is made available as "open source" software. This package includes

multiple fixes taken from the "patched DCMTK" project.

Install DCMTK if you are working with DICOM format medical image files.

Security fix for CVE-2019-1010228

* Tue Sep 17 2019 Ankur Sinha - 3.6.2-6

- Include patch fix for CVE-2019-1010228

* Thu Jan 31 2019 Fedora Release Engineering - 3.6.2-5

- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild

[ 1 ] Bug #1732221 - CVE-2019-1010228 DCMTK: buffer overflow in DcmRLEDecoder::decompress() leads to possible code execution and denial of service

https://bugzilla.redhat.com/show_bug.cgi?id=1732221

su -c 'dnf upgrade --advisory FEDORA-2019-4349fc0afb' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/