Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1

To: Étienne Mollier <emollier@debian.org>, 1077549@bugs.debian.org
Subject: Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 17 Aug 2024 17:40:22 +0100
Message-id: <[🔎] 170d842e555707c8dcff9edf744bb1d04ca6b4af.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1077549@bugs.debian.org
In-reply-to: <ZqgC9ky4KKjwDK9J@fusion.emlwks999.eu>
References: <ZqgC9ky4KKjwDK9J@fusion.emlwks999.eu> <ZqgC9ky4KKjwDK9J@fusion.emlwks999.eu>

Control: tags -1 + confirmed

On Mon, 2024-07-29 at 23:00 +0200, Étienne Mollier wrote:
> xmedcon in bookworm is affected by CVE-2024-29421.  It is,
> quoting the description: "vulnerable to Buffer Overflow via
> libs/dicom/basic.c which allows an attacker to execute arbitrary
> code".  It is currently rated minor by the security team, hence
> following the proposed-update process instead of a security
> update.  The issue is tracked in #1077369.

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1
  - From: Étienne Mollier <emollier@debian.org>

Prev by Date: Processed: Re: Bug#1077515: bookworm-pu: package putty/0.78-2+deb12u2
Next by Date: Processed: Re: Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1
Previous by thread: Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1
Next by thread: Processed: Re: Bug#1077549: bookworm-pu: package xmedcon/0.23.0-gtk3+dfsg-1+deb12u1
Index(es):
- Date
- Thread