Bug#1078169: bullseye-pu: package xmedcon/0.16.3+dfsg-1+deb11u1
Control: tag -1 confirmed
Hi,
On Wed, Aug 07, 2024 at 07:57:03PM +0200, Étienne Mollier wrote:
> [ Reason ]
> xmedcon in bullseye is affected by CVE-2024-29421. It is,
> quoting the description: "vulnerable to Buffer Overflow via
> libs/dicom/basic.c which allows an attacker to execute arbitrary
> code". It is currently rated minor by the security team, hence
> following the proposed-update process instead of a security
> update. The issue is tracked in #1077369.
Please go ahead.
Thanks,
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1