Fedora 36: 2023-eda976b192 Critical Memory Leak in dcmtk Resolved

DCMTK is a collection of libraries and applications implementing large

parts the DICOM standard. It includes software for examining,

constructing and converting DICOM image files, handling offline media,

sending and receiving images over a network connection, as well as

demonstrative image storage and worklist servers. DCMTK is is written

in a mixture of ANSI C and C++. It comes in complete source code and

is made available as "open source" software. This package includes

multiple fixes taken from the "patched DCMTK" project.

Install DCMTK if you are working with DICOM format medical image files.

Security fix for CVE-2022-43272

* Thu Mar 2 2023 Carl George - 3.6.7-3

- Backport fix for CVE-2022-43272, resolves rhbz#2150930

* Thu Jan 19 2023 Fedora Release Engineering - 3.6.7-2

- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

[ 1 ] Bug #2150929 - CVE-2022-43272 dcmtk: memory leak via the T_ASC_Association object.

https://bugzilla.redhat.com/show_bug.cgi?id=2150929

su -c 'dnf upgrade --advisory FEDORA-2023-eda976b192' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it: