Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

dcmtk: Multiple CVEs reported: CVE-2022-2119 CVE-2022-2120 CVE-2022-2121

Related Vulnerabilities: CVE-2022-2119   CVE-2022-2120   CVE-2022-2121  

Source

Debian Bug report logs - #1014044
dcmtk: Multiple CVEs reported: CVE-2022-2119 CVE-2022-2120 CVE-2022-2121

version graph

Package: dcmtk; Maintainer for dcmtk is Debian Med Packaging Team <debian-med-packaging@lists.alioth.debian.org>; Source for dcmtk is src:dcmtk (PTS, buildd, popcon).

Reported by: Mathieu Malaterre <malat@debian.org>

Date: Wed, 29 Jun 2022 08:48:01 UTC

Severity: important

Tags: security, upstream

Found in version dcmtk/3.6.5-1

Reply or subscribe to this bug.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Debian Med Packaging Team <debian-med-packaging@lists.alioth.debian.org>:
Bug#1014044; Package dcmtk. (Wed, 29 Jun 2022 08:48:03 GMT) (full text, mbox, link).

Acknowledgement sent to Mathieu Malaterre <malat@debian.org>:
New Bug report received and forwarded. Copy sent to Debian Med Packaging Team <debian-med-packaging@lists.alioth.debian.org>. (Wed, 29 Jun 2022 08:48:03 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Mathieu Malaterre <malat@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: dcmtk: Multiple CVEs reported
Date: Wed, 29 Jun 2022 10:43:59 +0200
Package: dcmtk
Version: 3.6.5-1
Severity: important

Dear Maintainer,

Multiples CVEs have been reported against DCMTK:

- CVE-2022-2119
- CVE-2022-2120
- CVE-2022-2121

Should we track them ? Should it be handled by debian-security team ?

-- System Information:
Debian Release: 11.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-15-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dcmtk depends on:
ii  adduser     3.118
ii  libc6       2.31-13+deb11u3
ii  libdcmtk17  3.6.7-5
ii  libgcc-s1   10.2.1-6
ii  libstdc++6  10.2.1-6
ii  libxml2     2.9.10+dfsg-6.7+deb11u2
ii  zlib1g      1:1.2.11.dfsg-2+deb11u1

dcmtk recommends no packages.

dcmtk suggests no packages.

-- no debconf information

Added tag(s) upstream and security. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 29 Jun 2022 15:15:02 GMT) (full text, mbox, link).

Changed Bug title to 'dcmtk: Multiple CVEs reported: CVE-2022-2119 CVE-2022-2120 CVE-2022-2121' from 'dcmtk: Multiple CVEs reported'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 29 Jun 2022 15:15:03 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Jun 30 13:15:01 2022; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started