{"affected":[{"ecosystem_specific":{"binaries":[{"dcmtk":"3.6.9-bp156.4.3.1","dcmtk-devel":"3.6.9-bp156.4.3.1","libdcmtk19":"3.6.9-bp156.4.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP6","name":"dcmtk","purl":"pkg:rpm/suse/dcmtk&distro=SUSE%20Package%20Hub%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.9-bp156.4.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"dcmtk":"3.6.9-bp156.4.3.1","dcmtk-devel":"3.6.9-bp156.4.3.1","libdcmtk19":"3.6.9-bp156.4.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"dcmtk","purl":"pkg:rpm/opensuse/dcmtk&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.9-bp156.4.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for dcmtk fixes the following issues:\n\nUpdate to 3.6.9. See DOCS/CHANGES.368 for the full list of changes\n\nSecurity issues fixed:\n\n- CVE-2024-27628: Fixed buffer overflow via the EctEnhancedCT method (boo#1227235)\n- CVE-2024-34508: Fixed a segmentation fault via an invalid DIMSE message (boo#1223925)\n- CVE-2024-34509: Fixed segmentation fault via an invalid DIMSE message\t(boo#1223943)\n- CVE-2024-47796: Fixed out-of-bounds write due to improper array index validation in the nowindow functionality (boo#1235810)\n- CVE-2024-52333: Fixed out-of-bounds write due to improper array index validation in the determineMinMax functionality (boo#1235811)\n","id":"openSUSE-SU-2025:0053-1","modified":"2025-02-06T12:02:04Z","published":"2025-02-06T12:02:04Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WGCW42LVEP5RLYCJ2ZF4ZZWGFA4Y2VOK/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223925"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227235"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235810"},{"type":"REPORT","url":"https://bugzilla.suse.com/1235811"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-27628"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-34508"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-34509"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-47796"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-52333"}],"related":["CVE-2024-27628","CVE-2024-34508","CVE-2024-34509","CVE-2024-47796","CVE-2024-52333"],"summary":"Security update for dcmtk","upstream":["CVE-2024-27628","CVE-2024-34508","CVE-2024-34509","CVE-2024-47796","CVE-2024-52333"]}