-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 24 Jun 2026 21:16:40 +0200 Source: dcmtk Architecture: source Version: 3.6.7-9~deb12u4 Distribution: bookworm Urgency: medium Maintainer: Debian Med Packaging Team Changed-By: Étienne Mollier Closes: 1100724 1113993 1122926 1123584 1133001 1139181 1140562 Changes: dcmtk (3.6.7-9~deb12u4) bookworm; urgency=medium . * Team upload. * 0012-CVE-2022-4981.patch: new: fix CVE-2022-4981. * 0013-CVE-2025-2357.patch: new: fix CVE-2025-2357. (Closes: #1100724) * *CVE-2025-9732*.patch: new. These two patches fix CVE-2025-9732. (Closes: #1113993) * 0016-CVE-2025-14607.patch: new: fix CVE-2025-14607. (Closes: #1122926) * 0017-CVE-2025-14841.patch: new: fix CVE-2025-14841. (Closes: #1123584) * 0018-CVE-2026-5663.patch: new: fix CVE-2026-5663. This patch required some rework from upstream due to little changes in the logic and the coding style. (Closes: #1133001) * 0019-CVE-2026-10194.patch: new: fix CVE-2026-10194. (Closes: #1139181) * 0020-CVE-2026-12805.patch: new: fix CVE-2026-12805. This patch fixes a risk of buffer overflow by ensuring negative error codes in XMLNode::parseFile are properly handled, as well a NULL values. (Closes: #1140562) Checksums-Sha1: 5fd1c338f4b714440fdd8a9607397762b25db3a3 2353 dcmtk_3.6.7-9~deb12u4.dsc 85e0f685bd6e5f0a4ce7cb592b0354adbea7703b 70296 dcmtk_3.6.7-9~deb12u4.debian.tar.xz 558019ab5aa114688d8d5750f81872ea697a632c 11959 dcmtk_3.6.7-9~deb12u4_amd64.buildinfo Checksums-Sha256: 67ebf387308cf7039ed49b78ab8ff395e375b970899778d19531512eec6831ed 2353 dcmtk_3.6.7-9~deb12u4.dsc 45a0d81621531bd54f2b492bafaccf49d5143f1bbb401121af5a5332fba09c82 70296 dcmtk_3.6.7-9~deb12u4.debian.tar.xz dee79755ce7f6bb4dfbbd9bf25f1520e11a4e26f1fa436f387955823eaf7d01b 11959 dcmtk_3.6.7-9~deb12u4_amd64.buildinfo Files: 690f5101a6d9d7c5d22690903deacb27 2353 science optional dcmtk_3.6.7-9~deb12u4.dsc cf1ad6922c13975b3b20c2cb941b6f21 70296 science optional dcmtk_3.6.7-9~deb12u4.debian.tar.xz b71756667b537e072e45ec90bcf02743 11959 science optional dcmtk_3.6.7-9~deb12u4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEEj5GyJ8fW8rGUjII2eTz2fo8NEdoFAmpDcPkUHGVtb2xsaWVy QGRlYmlhbi5vcmcACgkQeTz2fo8NEdrr5A/+NHP4utL3Ep6vd/bS5MbHWUnqh5AX G8YvyL2evb/SaeTdxFfCQmTHht+NSB5q6lB2sOzCPWRGSTHyaBj+BJL4C7GL6MVV 8pQ96OtGAv0BXhXajviULyTGfV9A2J/NNfdNmQ+UGE0d8qD4G09ByUWSUMUfKOOR JkPtJWA68B/MqFiZjp+kKLOfEm2P2W3DBhH39oNjHFoVRBCKfHLV4eVGo4JzkC95 cprfCwqSc7hcH6Bx8urZHZOO81cDE6IRFuObbs4PNEsMU8g1RKJlPWxFiz0TSV9E NiHrxYtSwx6Nw3NM4v4v5tA1Lpf3YkfQdGFkrZ0cqZ2PgoDaiytVhj9vz+q3f828 wFN9JGZyT9A56L37AN9nZLHt/0TVqa0hoK7D+pLtc9I1dLj3MXw1lg9C60EkKUcy CgquCAfkfLCp01XHOLHkJXOlxo9ifcVt9DfAZtfEaKJvNjKrlRl701LmcNKxpFVD 9ras6X4JR6jhBdhY7kQYcEXYFC7aiTHtIuRCEqMYi6JpN7KcHd8ayt310kklo535 WtjETmUJTy5W9vR0UFZZRI2nSsZs0Yueex/RtCKe9dhBFpCDrVOxDm8StDKdptm0 LGksOushcVEtiU7KyRzbULwafEgO8SLyEGZXrOehOsM818g6g6iZ1hPWBTWk9HYG T61QaKPpavOtjsA= =ETP2 -----END PGP SIGNATURE-----