Re: CVEs in DCMTK
Hi Mathieu,
Am Wed, Jun 29, 2022 at 08:48:12AM +0200 schrieb Mathieu Malaterre:
> It turns out there are three CVEs associated with DCMTK version older
> than 3.6.7.
>
> * https://www.hipaajournal.com/warning-issued-about-3-high-severity-vulnerabilities-in-offis-dicom-software/
Thanks for pointing this out.
> Should we get in touch with debian-security to have them properly
> reported ? I am not clear about the process.
I think the first step is to file an according bug report - may be with
debian-security right in CC asking for further advise.
Kind regards
Andreas.
--
http://fam-tille.de
Reply to: